Security & Compliancelow risk

metagit-release-audit

Mandatory before calling work complete when the session changed repo files. Runs format, lint, tests, integration tests, context-aware pip-audit/bandit, and optional gitleaks via task qa:prepush. Use before push, release, or hand-off.

metagit-ai/metagit-cli·.agents/skills/metagit-release-audit/SKILL.md
85/ 100品質

この Skill を導入

coding agent を選び、プロジェクト用または個人用コマンドをコピーします。

収録 commit に固定
プロジェクトに導入.agents/skills/metagit-release-audit
npx skills add https://github.com/metagit-ai/metagit-cli/tree/482dfb3b7a407ca5e541657a6fcc9af619818243/.agents/skills/metagit-release-audit -a codex -y
個人環境に導入~/.agents/skills/metagit-release-audit
npx skills add https://github.com/metagit-ai/metagit-cli/tree/482dfb3b7a407ca5e541657a6fcc9af619818243/.agents/skills/metagit-release-audit -a codex -g -y
手動配置先.agents/skills/metagit-release-auditOfficial docs ↗
プロジェクトに導入.claude/skills/metagit-release-audit
npx skills add https://github.com/metagit-ai/metagit-cli/tree/482dfb3b7a407ca5e541657a6fcc9af619818243/.agents/skills/metagit-release-audit -a claude-code -y
個人環境に導入~/.claude/skills/metagit-release-audit
npx skills add https://github.com/metagit-ai/metagit-cli/tree/482dfb3b7a407ca5e541657a6fcc9af619818243/.agents/skills/metagit-release-audit -a claude-code -g -y
手動配置先.claude/skills/metagit-release-auditOfficial docs ↗
プロジェクトに導入.agents/skills/metagit-release-audit
npx skills add https://github.com/metagit-ai/metagit-cli/tree/482dfb3b7a407ca5e541657a6fcc9af619818243/.agents/skills/metagit-release-audit -a github-copilot -y
個人環境に導入~/.copilot/skills/metagit-release-audit
npx skills add https://github.com/metagit-ai/metagit-cli/tree/482dfb3b7a407ca5e541657a6fcc9af619818243/.agents/skills/metagit-release-audit -a github-copilot -g -y
手動配置先.agents/skills/metagit-release-auditOfficial docs ↗
プロジェクトに導入.agents/skills/metagit-release-audit
npx skills add https://github.com/metagit-ai/metagit-cli/tree/482dfb3b7a407ca5e541657a6fcc9af619818243/.agents/skills/metagit-release-audit -a cursor -y
個人環境に導入~/.cursor/skills/metagit-release-audit
npx skills add https://github.com/metagit-ai/metagit-cli/tree/482dfb3b7a407ca5e541657a6fcc9af619818243/.agents/skills/metagit-release-audit -a cursor -g -y
手動配置先.agents/skills/metagit-release-auditOfficial docs ↗
プロジェクトに導入.agents/skills/metagit-release-audit
npx skills add https://github.com/metagit-ai/metagit-cli/tree/482dfb3b7a407ca5e541657a6fcc9af619818243/.agents/skills/metagit-release-audit -a gemini-cli -y
個人環境に導入~/.gemini/skills/metagit-release-audit
npx skills add https://github.com/metagit-ai/metagit-cli/tree/482dfb3b7a407ca5e541657a6fcc9af619818243/.agents/skills/metagit-release-audit -a gemini-cli -g -y
Native Gemini CLIgemini skills install https://github.com/metagit-ai/metagit-cli.git --scope workspace --path .agents/skills/metagit-release-audit
手動配置先.agents/skills/metagit-release-auditOfficial docs ↗
⚠ インストールには open-source skills CLI を使用します。実行前にソースと権限を確認してください。
# Auditing Release Readiness

Use this skill **whenever** your session added or edited tracked files in this repository and you are about to hand off or say the task is done—not only “release” workflows. Read-only Q&A with no writes can skip it.

## Workflow

1. Run the pre-push quality gate.
2. Capture failing stage logs and iterate fixes.
3. Re-run until all required checks pass.
4. Return a short readiness summary.

## Commands

- `task qa:prepush`
- `task qa:prepush:loop -- 3` (optional bounded retry loop)

## Output Contract

Return:
- pass/fail status by stage (including `security_sync` / `security_audit` / `security_bandit` when triggered)
- unresolved blockers (if any)
- push readiness recommendation

Security in the gate is context-aware: lockfile changes run `uv sync --frozen --all-extras` + `pip-audit` + `bandit`; `src/` changes run `pip-audit` + `bandit`; docs-only diffs skip security. Use `task security:scan` for a full manual run.

## Safety

- Do not claim readiness unless checks are actually green.