Skip to content

feat: improve skill scores for autonomous-dev #901

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
yogesh-tessl wants to merge 1 commit into
base: master
Choose a base branch
from
Open

feat: improve skill scores for autonomous-dev #901

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
141 changes: 31 additions & 110 deletions plugins/autonomous-dev/skills/api-design/SKILL.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,24 +1,12 @@
---
name: api-design
description: "REST API design best practices covering versioning, error handling, pagination, and OpenAPI documentation. Use when designing or implementing REST APIs or HTTP endpoints. TRIGGER when: API design, REST endpoint, HTTP route, OpenAPI, swagger, pagination. DO NOT TRIGGER when: internal library code, CLI tools, non-HTTP interfaces."
allowed-tools: [Read]
allowed-tools: "Read"
---

# API Design Skill

REST API design best practices, HTTP conventions, versioning, error handling, and documentation standards.

## When This Skill Activates

- Designing REST APIs
- Creating HTTP endpoints
- Writing API documentation
- Handling API errors
- Implementing pagination
- API versioning strategies
- Keywords: "api", "rest", "endpoint", "http", "json", "openapi"

---
Project conventions for REST API design, error handling, versioning, and documentation.

## Core Concepts

Expand All @@ -36,27 +24,7 @@ RESTful resource design using nouns (not verbs), proper HTTP methods, and hierar

---

### 2. HTTP Status Codes

Proper status code usage for success (2xx), client errors (4xx), and server errors (5xx).

**Common Codes**:
- **200 OK**: Successful GET/PUT/PATCH
- **201 Created**: Successful POST (includes Location header)
- **204 No Content**: Successful DELETE
- **400 Bad Request**: Invalid input
- **401 Unauthorized**: Authentication required
- **403 Forbidden**: Authenticated but not allowed
- **404 Not Found**: Resource doesn't exist
- **422 Unprocessable**: Validation error
- **429 Too Many Requests**: Rate limit exceeded
- **500 Internal Server Error**: Server failure

**See**: `docs/http-status-codes.md` for complete reference and examples

---

### 3. Error Handling
### 2. Error Handling

RFC 7807 Problem Details format for consistent, structured error responses.

Expand Down Expand Up @@ -207,90 +175,43 @@ Idempotency, content negotiation, HATEOAS, bulk operations, and webhooks.

---

## Quick Reference

| Pattern | Use Case | Details |
|---------|----------|---------|
| REST Principles | Resource-based URLs | `docs/rest-principles.md` |
| Status Codes | HTTP response codes | `docs/http-status-codes.md` |
| Error Handling | RFC 7807 errors | `docs/error-handling.md` |
| Pagination | Large datasets | `docs/pagination.md` |
| Versioning | Breaking changes | `docs/versioning.md` |
| Authentication | API security | `docs/authentication.md` |
| Rate Limiting | Abuse prevention | `docs/rate-limiting.md` |
| Documentation | OpenAPI/Swagger | `docs/documentation.md` |

---
## API Design Workflow

## API Design Checklist

**Before Launch**:
- [ ] Use RESTful resource naming (nouns, not verbs)
- [ ] Implement proper HTTP status codes
- [ ] Add RFC 7807 error responses
- [ ] Include pagination for collections
- [ ] Add API versioning strategy
- [ ] Implement authentication
- [ ] Add rate limiting
- [ ] Configure CORS (if browser clients)
- [ ] Generate OpenAPI documentation
- [ ] Test idempotency for POST/PUT/DELETE
1. **Define resources** β€” identify nouns and relationships (`/users`, `/users/{id}/posts`)
2. **Design endpoints** β€” map CRUD to HTTP methods, keep URLs max 3 levels deep
3. **Implement error handling** β€” RFC 7807 format on all endpoints
4. **Add pagination** β€” offset or cursor-based on all collection endpoints
5. **Version the API** β€” URL path versioning (`/v1/`)
6. **Secure endpoints** β€” authentication (API key or JWT) + rate limiting
7. **Generate documentation** β€” OpenAPI spec, verify all endpoints documented
8. **Validate** β€” test idempotency for POST/PUT/DELETE, verify CORS if browser clients

**See**: `docs/patterns-checklist.md` for complete checklist

---

## Progressive Disclosure

This skill uses progressive disclosure to prevent context bloat:

- **Index** (this file): High-level concepts and quick reference (<500 lines)
- **Detailed docs**: `docs/*.md` files with implementation details (loaded on-demand)
## Reference Documentation

**Available Documentation**:
- `docs/rest-principles.md` - RESTful design patterns
- `docs/http-status-codes.md` - Complete status code reference
- `docs/error-handling.md` - Error response patterns
- `docs/request-response-format.md` - JSON structure conventions
- `docs/pagination.md` - Pagination strategies
- `docs/versioning.md` - API versioning patterns
- `docs/authentication.md` - Authentication methods
- `docs/rate-limiting.md` - Rate limiting implementation
- `docs/advanced-features.md` - CORS, filtering, sorting
- `docs/documentation.md` - OpenAPI/Swagger
- `docs/idempotency-content-negotiation.md` - Advanced patterns
- `docs/patterns-checklist.md` - Design checklist and common patterns

---
| Topic | File |
|-------|------|
| REST principles | `docs/rest-principles.md` |
| Status codes | `docs/http-status-codes.md` |
| Error handling | `docs/error-handling.md` |
| Request/response format | `docs/request-response-format.md` |
| Pagination | `docs/pagination.md` |
| Versioning | `docs/versioning.md` |
| Authentication | `docs/authentication.md` |
| Rate limiting | `docs/rate-limiting.md` |
| CORS, filtering, sorting | `docs/advanced-features.md` |
| OpenAPI/Swagger | `docs/documentation.md` |
| Idempotency, HATEOAS, webhooks | `docs/idempotency-content-negotiation.md` |
| Full checklist | `docs/patterns-checklist.md` |

## Cross-References

**Related Skills**:
- **error-handling-patterns** - Error handling best practices
- **security-patterns** - API security hardening
- **python-standards** - Python API implementation and documentation standards

**Related Libraries**:
- FastAPI - Python API framework with auto-documentation
- Pydantic - Data validation and serialization
- JWT libraries - Token-based authentication

---

## Key Takeaways

1. **Resources are nouns**: `/users`, not `/getUsers`
2. **Use HTTP methods correctly**: GET (read), POST (create), PUT (replace), DELETE (remove)
3. **Return proper status codes**: 200 (success), 201 (created), 404 (not found), 422 (validation error)
4. **Structured errors**: Use RFC 7807 format
5. **Paginate collections**: Offset or cursor-based
6. **Version your API**: URL path versioning (e.g., `/v1/users`)
7. **Secure endpoints**: API keys or JWT
8. **Rate limit**: Prevent abuse
9. **Document thoroughly**: OpenAPI/Swagger
10. **Test idempotency**: Safe retries for POST/PUT/DELETE

---
- [error-handling](../error-handling/SKILL.md) β€” Error handling best practices
- [security-patterns](../security-patterns/SKILL.md) β€” API security hardening
- [python-standards](../python-standards/SKILL.md) β€” Python API implementation standards

## Hard Rules

Expand All @@ -301,7 +222,7 @@ This skill uses progressive disclosure to prevent context bloat:
- Endpoints that accept unbounded input without pagination or limits

**REQUIRED**:
- All endpoints MUST have consistent error response format (`{error, message, code}`)
- All endpoints MUST use RFC 7807 Problem Details error format
- All collection endpoints MUST support pagination
- All mutations MUST be idempotent or explicitly documented as non-idempotent
- Rate limiting MUST be documented in API specification
17 changes: 5 additions & 12 deletions plugins/autonomous-dev/skills/code-review/SKILL.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
---
name: code-review
description: "10-point code review checklist covering correctness, tests, error handling, type hints, naming, security, and performance. Use when reviewing PRs or evaluating code quality. TRIGGER when: code review, PR review, review checklist, code quality check. DO NOT TRIGGER when: writing new code, debugging, refactoring without review context."
allowed-tools: [Read, Grep, Glob, Bash]
allowed-tools: "Read, Grep, Glob, Bash"
---

# Code Review Enforcement Skill
Expand Down Expand Up @@ -135,13 +135,12 @@ Every review MUST conclude with exactly one of:

---

## Anti-Patterns
## Example

### BAD: Rubber-stamp approval
```
"Looks good to me, ship it!"
```
Missing: checklist, line references, test results, security review.

### GOOD: Structured review
```
Expand All @@ -159,16 +158,10 @@ Missing: checklist, line references, test results, security review.
### Verdict: REQUEST_CHANGES
```

### BAD: Nitpicking style, missing logic bugs
Spending 10 comments on variable naming while an off-by-one error goes unnoticed.

### BAD: "Will fix later" acceptance
Approving with known BLOCKING issues and a verbal promise to fix. If it is BLOCKING, it blocks.

---

## Cross-References

- **python-standards**: Style and type hint requirements
- **testing-guide**: Test coverage expectations
- **security-patterns**: Security checklist details
- [python-standards](../python-standards/SKILL.md) β€” Style and type hint requirements
- [testing-guide](../testing-guide/SKILL.md) β€” Test coverage expectations
- [security-patterns](../security-patterns/SKILL.md) β€” Security checklist details
13 changes: 4 additions & 9 deletions plugins/autonomous-dev/skills/debugging-workflow/SKILL.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
---
name: debugging-workflow
description: "Systematic debugging methodology β€” reproduce, isolate, bisect, fix, verify. Use when diagnosing failures, tracing errors, or investigating unexpected behavior. TRIGGER when: debug, error, traceback, stack trace, bisect, breakpoint, failing test, unexpected behavior. DO NOT TRIGGER when: writing new features, code review, documentation, refactoring."
allowed-tools: [Read, Grep, Glob, Bash]
allowed-tools: "Read, Grep, Glob, Bash"
---

# Debugging Workflow
Expand Down Expand Up @@ -125,12 +125,7 @@ python -m pytest --cov=module --cov-report=term-missing tests/path/test_file.py
3. Is there a regression test for this bug? β†’ Must be YES
4. Could this bug occur elsewhere? β†’ Search for similar patterns

## Common Pitfalls
## Cross-References

| Pitfall | Why It's Wrong | What To Do Instead |
|---------|---------------|-------------------|
| Fix without reproducing | You might fix the wrong thing | Always reproduce first |
| Fix the symptom | Bug will recur in different form | Find root cause |
| Large refactor as "fix" | Introduces new bugs | Minimal change only |
| No regression test | Bug will come back | Test is part of the fix |
| Skip full test suite | Fix broke something else | Always run full suite |
- [testing-guide](../testing-guide/SKILL.md) β€” Test patterns for regression tests
- [error-handling](../error-handling/SKILL.md) β€” Error handling patterns
Loading