Skill2.3k estrellas del repoactualizado 4d ago

llm-gate

llm-gate implements AI-powered quality verification using Claude Code prompt hooks to validate operations before execution. It intercepts commands like git commits, file writes, and destructive operations, running them through Haiku to check compliance with conventions, security policies, and code standards. Use this skill to establish intelligent guardrails that enforce commit message formats, prevent API key leaks, block unsafe deletions, or validate code patterns beyond what traditional linters can detect.

Ver fuente Repositorio: pro-workflow

Instalar en Claude Code

Copiar

git clone --depth 1 https://github.com/rohitg00/pro-workflow /tmp/llm-gate && cp -r /tmp/llm-gate/skills/llm-gate ~/.claude/skills/llm-gate

Después abre una sesión nueva de Claude Code; el skill carga automáticamente.

Definición

SKILL.md

# LLM Gate

Use Claude Code's `type: "prompt"` hooks to create intelligent quality gates that use AI to verify operations.

## Trigger

Use when:
- Setting up commit message validation
- Enforcing code conventions beyond what linters catch
- Creating smart guardrails for specific operations

## How Prompt Hooks Work

Claude Code supports hooks with `type: "prompt"` that run a small LLM (Haiku by default) to verify conditions:

```json
{
  "PreToolUse": [{
    "matcher": "Bash",
    "hooks": [{
      "type": "prompt",
      "if": "Bash(git commit*)",
      "prompt": "Check if this git commit follows conventional commit format (<type>(<scope>): <summary>). The commit command is: $ARGUMENTS. Return {\"ok\": true} if valid, {\"ok\": false, \"reason\": \"...\"} if not.",
      "model": "haiku",
      "timeout": 15
    }]
  }]
}
```

The hook:
1. Substitutes `$ARGUMENTS` with the JSON hook input
2. Sends to Haiku (fast, cheap)
3. Expects `{"ok": true}` or `{"ok": false, "reason": "..."}`
4. If not ok → blocks the tool call with the reason

## Example Gates

### Conventional Commit Validator
```json
{
  "type": "prompt",
  "if": "Bash(git commit*)",
  "prompt": "Verify this git commit follows conventional commits: type(scope): summary. Types: feat,fix,refactor,test,docs,chore,perf,ci. Summary under 72 chars. Input: $ARGUMENTS",
  "model": "haiku"
}
```

### Destructive Command Guard
```json
{
  "type": "prompt",
  "if": "Bash(rm *)",
  "prompt": "Check if this rm command is safe. Flag if it uses -rf on important directories (src/, node_modules/, .git/). Input: $ARGUMENTS",
  "model": "haiku"
}
```

### API Key Leak Prevention
```json
{
  "type": "prompt",
  "matcher": "Write",
  "prompt": "Check if this file write contains hardcoded API keys, secrets, passwords, or tokens. Input: $ARGUMENTS. Return ok:false if secrets found.",
  "model": "haiku"
}
```

## Agent Hooks

For complex verification, use `type: "agent"` (runs a full agent):

```json
{
  "type": "agent",
  "if": "Bash(git push*)",
  "prompt": "Review all staged changes for security issues before pushing. Check for: hardcoded secrets, SQL injection, XSS vulnerabilities, exposed internal URLs.",
  "model": "haiku",
  "timeout": 60
}
```

## Setup Guide

1. Choose which operations to gate
2. Write the prompt (keep it focused, under 100 words)
3. Pick the model (haiku for speed, sonnet for accuracy)
4. Set timeout (15s for prompts, 60s for agents)
5. Add to hooks.json under the appropriate event

## Rules

- Use Haiku for simple checks (fast, cheap)
- Use Sonnet only for complex analysis
- Keep prompts under 100 words for reliability
- Always include `if` condition to avoid running on every tool call
- Set reasonable timeouts (15s prompt, 60s agent)
- Test hooks before deploying to avoid blocking workflows

Del mismo repositorio

context-engineerSubagent

Analyzes and optimizes context window usage across sessions. Use when context feels bloated, sessions run slow, or approaching compaction limits.

cost-analystSubagent

Analyze session token usage and cost patterns. Identify expensive operations and recommend optimizations. Use to understand and reduce session costs.

debuggerSubagent

Specialized debugging agent. Use when facing hard bugs, test failures, or runtime errors that need systematic investigation.

orchestratorSubagent

Multi-phase development agent. Research > Plan > Implement with validation gates. Use PROACTIVELY when building features that touch >5 files or require architecture decisions.

permission-analystSubagent

Analyze permission denial patterns and generate optimized alwaysAllow/alwaysDeny rules. Use when permission prompts slow down workflow.

plannerSubagent

Break down complex tasks into implementation plans before writing code. Use when task touches >5 files, requires architecture decisions, or has unclear requirements.

reviewerSubagent

Code review specialist that verifies every finding against actual code before reporting. Use before committing, for PR reviews, or after major changes.

scoutSubagent

Confidence-gated exploration that assesses readiness before implementation. Scores 0-100 across five dimensions and gives GO/HOLD verdict.