A curated library of 16 skills that encode Ruby development discipline — from test-first coding to domain modeling to security review. No agents. No frameworks. Just pure, composable workflow knowledge.
An agent told to "add a feature" writes code first and asks questions later. It skips tests, ignores domain boundaries, and leaves no documentation. You spend more time reviewing and fixing than you saved.
Each skill defines a sequence of checkpoints the agent must pass before it can continue. Think of it as a checklist with teeth.
Non-negotiable checkpoints. An agent cannot proceed until each gate is satisfied. For example: test must exist and fail for the right reason before any implementation code is written.
Numbered steps with inline examples. The agent follows a concrete sequence — not vague advice. Every output has a defined format.
Each skill lists its integration points — which skill comes next. The skill-router chains them into complete workflows like TDD Feature Loop or Bug Fix.
Every skill lives in its own directory with a SKILL.md entry point. The type determines what the agent does with it.
Define rigorous gates and workflows that the agent must follow. They enforce how work is done.
Define concrete patterns and structures. They encode what the output should look like.
Breaks features into structured task lists. It plans before the agent builds.
Every code-producing skill in this library enforces the same rule. No implementation code exists until a failing test proves the need for it. This is the red-green-refactor loop, wired directly into every skill.
Write test → Run test → Verify it FAILS
for the right reason → Implement → Verify it PASSES
Every skill has a HARD-GATE section. The agent cannot proceed past it.
No single skill does everything. They compose. The output of one feeds into the next, guided by the skill-router.
The default TDD Feature Loop: 8 skills composed into one workflow
Let's walk through what the agent actually sees when it loads this skill. Here's the real gate sequence from skills/process/tdd-process/SKILL.md.
A test file exists for the change. Cannot write code without it.
The test executes without syntax errors or missing dependencies.
The test fails for the expected reason — not a typo, not a missing file.
Write the smallest change that makes the test pass. Nothing more.
The test suite is green. The gate is satisfied.
# Step 1: Write the failing test (RSpec) RSpec.describe Calculator do describe ".add" do it "returns the sum of two numbers" do result = Calculator.add(2, 3) expect(result).to eq(5) end end end # Run: rspec spec/calculator_spec.rb # Expected: 1 example, 1 failure # Failure: uninitialized constant Calculator # Step 4: Minimal implementation (only after confirming failure) class Calculator def self.add(a, b) a + b end end # Step 5: Run again # Expected: 1 example, 0 failures ✓
The agent doesn't need to know all 16 skills. It asks the router, and the router responds with the exact path to load.
Router Priority
This repository is deliberately agent-free. Agents are framework-specific — a Rails agent knows about ActiveRecord, a Hanami agent knows about slices. Both compose skills from here.
Each skill is a directory with a SKILL.md entry point. Load only what the task needs.
Enforces Red-Green-Refactor loop with 5 hard gates. Test must exist and fail before any code is written.
skills/process/tdd-process/4 gates: characterization tests must pass, one atomic change at a time, no behavior drift.
skills/process/refactor-process/Severity taxonomy (Critical/Major/Minor/Nitpick). Structured finding format. Critical blocks merge.
skills/process/review-process/OWASP Top 10 for Ruby. Input allowlists, no SQL interpolation, no secrets committed.
skills/process/security-review-process/Decision grid for test boundaries. First failing test must be identified before coding starts.
skills/process/test-planning-process/PORO .call pattern with success/error contract. 4 sub-patterns: Standard, Batch, Static, Orchestrator.
Strategy+Factory pattern. Factory.for(entity).calculate is the only permitted entry point.
5-layer pattern (Auth→Client→Fetcher→Builder→Entity). Security gate: never trust vendor responses.
skills/patterns/integrate-api-client/Extract ubiquitous language. Collect terms, resolve synonyms, choose canonical terms, flag ambiguity.
skills/ddd/define-domain-language/Tactical DDD: entities, value objects, aggregates, domain services. Output is model, not code.
skills/ddd/model-domain/Detect bounded context leakage. Map entry points, name contexts, find leakage, propose fix.
skills/ddd/review-domain-boundaries/7-step process: capture, bound, gather evidence, choose failing test, define fix, skeleton test, hand off.
skills/testing/triage-bug/7-step review response. 5 feedback categories. Structured push-back format. Implement one item at a time.
skills/code-quality/respond-to-review/Mandatory @param, @return, @raise for every public method. Tagged notes carry actionable context.
Entry point. Routes tasks to the correct skill. Disambiguates similar skills. All workflows start here.
skills/orchestration/skill-router/Breaks features into TDD task lists. Each task has 5 sub-steps: RED → Run fail → GREEN → Run pass → REFACTOR.
skills/planning/generate-tdd-tasks/
Every agent workflow in this ecosystem begins the same way: the skill-router receives the task, picks the right skill path, and hands control to the first skill in the chain.
Load skill-router → it routes to generate-tdd-tasks or tdd-process.
Load review-process or security-review-process directly. Severity-graded findings with structured output.
Load define-domain-language → model-domain → review-domain-boundaries.