Back to Details

verification

Compare original and translation side by side

🇺🇸

Original

English
🇨🇳

Translation

Chinese

Agent Verifier

Agent Verifier

Purpose

用途

Run comprehensive verification on AI agent code. This orchestrator invokes focused verification skills and consolidates results into a unified report. All analysis happens locally—code never leaves your machine.
对AI Agent代码进行全面验证。该编排器会调用针对性的验证技能,并将结果整合为一份统一报告。所有分析均在本地完成——代码绝不会离开你的设备。

When to Use

适用场景

Trigger this skill when the user asks to:
  • "verify agent" (primary invocation)
  • "verify my agent"
  • "audit agent"
  • "full verification"
  • "verify my code" (when agent patterns are detected)
  • "check compliance"
当用户提出以下请求时触发此技能:
  • "verify agent"(主要触发词)
  • "verify my agent"
  • "audit agent"
  • "full verification"
  • "verify my code"(检测到Agent模式时)
  • "check compliance"

Available Verification Modes

可用验证模式

CommandSkillWhat it checks
"verify agent"This skillFull suite (all below)
"verify agent security"verify-securitySecrets, dependencies, input validation
"verify agent patterns"verify-patternsLoops, retries, tools, context size
"verify agent quality"verify-qualityNaming, organization, documentation
"verify agent language"verify-languageType hints, idioms, language best practices
指令技能检查内容
"verify agent"本技能完整套件(包含以下所有检查)
"verify agent security"verify-security密钥、依赖项、输入验证
"verify agent patterns"verify-patterns循环、重试、工具、上下文大小
"verify agent quality"verify-quality命名规范、代码组织、文档
"verify agent language"verify-language类型提示、语言习惯、语言最佳实践

Process

流程

Step 1: Context Discovery

步骤1:上下文探测

Scan the project to identify:
  1. Primary language:
    • Check for 
      pyproject.toml
      , 
      package.json
      , 
      go.mod
    • Look at file extensions in 
      src/
      or project root
  2. Agent framework (if any):
    • langgraph
      in imports → LangGraph
    • crewai
      in imports → CrewAI
    • autogen
      in imports → AutoGen
    • langchain
      in imports → LangChain
    • Direct SDK usage → Custom agent
  3. Kahuna integration:
    • Check if 
      .kahuna/
      directory exists
    • If yes, read 
      .kahuna/context-guide.md
      for organizational rules
Record the detected context for reporting.
扫描项目以识别:
  1. 主编程语言:
    • 检查是否存在
      pyproject.toml
      package.json
      go.mod
      文件
    • 查看
      src/
      目录或项目根目录下的文件扩展名
  2. Agent框架(如有):
    • 导入中包含
      langgraph
      → LangGraph
    • 导入中包含
      crewai
      → CrewAI
    • 导入中包含
      autogen
      → AutoGen
    • 导入中包含
      langchain
      → LangChain
    • 直接使用SDK → 自定义Agent
  3. Kahuna集成:
    • 检查是否存在
      .kahuna/
      目录
    • 若存在,读取
      .kahuna/context-guide.md
      以了解组织规则
记录探测到的上下文用于报告。

Step 2: Run Security Checks

步骤2:运行安全检查

Load the verify-security skill and execute its process.
This checks for:
  • Hardcoded secrets and API keys
  • Dependency version pinning
  • Input validation patterns
  • Error message exposure
  • Secure defaults
Record all findings.
加载verify-security技能并执行其流程。
检查内容包括:
  • 硬编码的密钥和API密钥
  • 依赖版本锁定
  • 输入验证模式
  • 错误信息暴露情况
  • 安全默认配置
记录所有检查结果。

Step 3: Run Pattern Checks

步骤3:运行模式检查

Load the verify-patterns skill and execute its process.
This checks for:
  • Loop safety (termination conditions)
  • Retry limit enforcement
  • Tool registry consistency
  • Context size awareness
  • LangGraph cycle analysis (if applicable)
Record all findings.
加载verify-patterns技能并执行其流程。
检查内容包括:
  • 循环安全性(终止条件)
  • 重试限制执行情况
  • 工具注册表一致性
  • 上下文大小感知
  • LangGraph循环分析(如适用)
记录所有检查结果。

Step 4: Run Quality Checks

步骤4:运行质量检查

Load the verify-quality skill and execute its process.
This checks for:
  • Naming conventions
  • Code organization
  • Magic numbers/strings
  • Documentation
  • Error handling patterns
Record all findings.
加载verify-quality技能并执行其流程。
检查内容包括:
  • 命名规范
  • 代码组织
  • 魔法数值/字符串
  • 文档
  • 错误处理模式
记录所有检查结果。

Step 5: Run Language-Specific Checks

步骤5:运行特定语言检查

Based on detected language, load the verify-language skill and execute its process.
Python checks:
  • Type hints on public functions
  • Docstrings
  • Requirements pinning
  • Python idioms
TypeScript/JavaScript checks:
  • Strict mode enabled
  • No 
    any
    types
  • Async/await error handling
  • Promise handling
Go checks:
  • No ignored errors
  • Context propagation
  • Package structure
  • Go idioms
Record all findings.
根据探测到的语言,加载verify-language技能并执行其流程。
Python检查:
  • 公共函数的类型提示
  • 文档字符串
  • 依赖版本锁定
  • Python语言习惯
TypeScript/JavaScript检查:
  • 启用严格模式
  • any
    类型
  • Async/await错误处理
  • Promise处理
Go检查:
  • 无忽略的错误
  • 上下文传播
  • 包结构
  • Go语言习惯
记录所有检查结果。

Step 6: Consolidate Report

步骤6:整合报告

Combine all findings from Steps 2-5 into a unified verification report.
将步骤2-5的所有检查结果整合为一份统一的验证报告。

Report Format

报告格式

markdown
undefined
markdown
undefined

Agent Verification Report

Agent Verification Report

Project: [project name or path] Date: [current date] Mode: [Kahuna-enhanced | Standalone] Language: [Python | TypeScript | JavaScript | Go] Agent framework: [LangGraph | CrewAI | AutoGen | LangChain | Custom | None] Files analyzed: [count]
Project: [project name or path] Date: [current date] Mode: [Kahuna-enhanced | Standalone] Language: [Python | TypeScript | JavaScript | Go] Agent framework: [LangGraph | CrewAI | AutoGen | LangChain | Custom | None] Files analyzed: [count]

Summary

Summary

✅ X checks passed | ⚠️ Y warnings | ❌ Z issues
✅ X checks passed | ⚠️ Y warnings | ❌ Z issues

By Category

By Category

CategoryPassWarnIssue
SecurityXXX
PatternsXXX
QualityXXX
LanguageXXX
CategoryPassWarnIssue
SecurityXXX
PatternsXXX
QualityXXX
LanguageXXX

Security

Security

(Summary from verify-security)
  • No hardcoded secrets
  • Dependencies pinned
  • ⚠️ [finding]
  • ❌ [finding]
(Summary from verify-security)
  • No hardcoded secrets
  • Dependencies pinned
  • ⚠️ [finding]
  • ❌ [finding]

Agent Patterns

Agent Patterns

(Summary from verify-patterns — include only if agent detected)
(Summary from verify-patterns — include only if agent detected)

Loop Safety

Loop Safety

  • All loops have termination conditions
  • ⚠️ Potential unbounded loop at 
    [file:line]
  • All loops have termination conditions
  • ⚠️ Potential unbounded loop at 
    [file:line]

Retry Limits

Retry Limits

  • All retry mechanisms have explicit limits
  • ❌ Missing retry limit at 
    [file:line]
  • All retry mechanisms have explicit limits
  • ❌ Missing retry limit at 
    [file:line]

Tool Consistency

Tool Consistency

  • Tool registry found: X tools defined
  • ❌ Hallucinated tool reference at 
    [file:line]
  • ⚠️ Undocumented tool: 
    [name]
  • Tool registry found: X tools defined
  • ❌ Hallucinated tool reference at 
    [file:line]
  • ⚠️ Undocumented tool: 
    [name]

Context Size

Context Size

  • System prompt within limits (~X tokens)
  • ⚠️ System prompt exceeds recommended size
  • System prompt within limits (~X tokens)
  • ⚠️ System prompt exceeds recommended size

Quality

Quality

(Summary from verify-quality)
  • Naming conventions consistent
  • Code well-organized
  • ⚠️ [finding]
(Summary from verify-quality)
  • Naming conventions consistent
  • Code well-organized
  • ⚠️ [finding]

Language ([Python/TypeScript/Go])

Language ([Python/TypeScript/Go])

(Summary from verify-language)
  • Type safety enforced
  • ⚠️ [finding]
  • ❌ [finding]
(Summary from verify-language)
  • Type safety enforced
  • ⚠️ [finding]
  • ❌ [finding]

Detailed Findings

Detailed Findings

[P]
= pattern-matched (structurally reliable) · 
[H]
= heuristic (best-effort judgment)
[P]
= pattern-matched (structurally reliable) · 
[H]
= heuristic (best-effort judgment)

✅ Passing

✅ Passing

  • [P]
    No hardcoded secrets or API keys
  • [P]
    All retry decorators have stop conditions
  • [H]
    Code organization follows best practices
  • [P]
    No hardcoded secrets or API keys
  • [P]
    All retry decorators have stop conditions
  • [H]
    Code organization follows best practices

⚠️ Warnings

⚠️ Warnings

  • [P|H]
    [Check name]: [Description]
    • Location: [file:line]
    • Category: [Security | Patterns | Quality | Language]
    • Suggestion: [How to address]
  • [P|H]
    [Check name]: [Description]
    • Location: [file:line]
    • Category: [Security | Patterns | Quality | Language]
    • Suggestion: [How to address]

❌ Issues

❌ Issues

  • [P|H]
    [Check name]: [Description]
    • Location: [file:line]
    • Category: [Security | Patterns | Quality | Language]
    • Rule: [Which rule this violates]
    • Fix: [Specific remediation steps]
  • [P|H]
    [Check name]: [Description]
    • Location: [file:line]
    • Category: [Security | Patterns | Quality | Language]
    • Rule: [Which rule this violates]
    • Fix: [Specific remediation steps]

Recommendations

Recommendations

  1. [Highest priority] - [Specific action]
  2. [Second priority] - [Specific action]
  3. [Additional improvements]
Report generated by Agent Verifier v1.0.0
undefined
  1. [Highest priority] - [Specific action]
  2. [Second priority] - [Specific action]
  3. [Additional improvements]
Report generated by Agent Verifier v1.0.0
undefined

Step 7: Export Report (Optional)

步骤7:导出报告(可选)

After presenting the report, ask the user:
Would you like to save this verification report to a file?
If confirmed:
  1. Create the reports directory if it doesn't exist:
    bash
    mkdir -p reports/verification
  2. Generate filename using the current date and time (NOT placeholders):
    • Get the actual current timestamp from your environment context
    • Format: 
      reports/verification/{date}_{time}.md
    • Date format: 
      YYYY-MM-DD
      (e.g., 
      2026-03-17
      )
    • Time format: 
      HH-MM-SS
      (e.g., 
      08-15-42
      for 8:15:42 AM)
    IMPORTANT: Use the real current time, not zeros or placeholders. Check your system context for "Current Time" information.
    Example: If the current time is March 17, 2026 at 1:05:30 AM PST, the filename should be: 
    reports/verification/2026-03-17_01-05-30.md
  3. Save the complete report to that file.
展示报告后,询问用户:
是否需要将这份验证报告保存到文件中?
如果用户确认:
  1. 若reports目录不存在则创建:
    bash
    mkdir -p reports/verification
  2. 使用当前日期和时间生成文件名(请勿使用占位符):
    • 从环境上下文中获取实际的当前时间戳
    • 格式:
      reports/verification/{date}_{time}.md
    • 日期格式:
      YYYY-MM-DD
      (例如:
      2026-03-17
    • 时间格式:
      HH-MM-SS
      (例如:上午8:15:42对应
      08-15-42
    重要提示: 使用真实的当前时间,请勿使用零或占位符。请从系统上下文中查看“Current Time”信息。
    示例: 如果当前时间为2026年3月17日太平洋标准时间凌晨1:05:30,文件名应为: 
    reports/verification/2026-03-17_01-05-30.md
  3. 将完整报告保存至该文件。

Check Tier Discipline

检查层级规范

Throughout all verification steps, maintain tier discipline:
  • [PATTERN]
    checks     — Apply exactly as written. A rule says "flag X" → flag X. No judgment.
  • [HEURISTIC]
    checks     — Apply with judgment. Mark findings clearly with 
    [H]
    .
Tag every finding in the report with 
[P]
or 
[H]
so readers understand confidence level.
在所有验证步骤中,需遵循层级规范:
  • [PATTERN]
    检查     — 严格按照规则执行。规则要求“标记X”则标记X,无需主观判断。
  • [HEURISTIC]
    检查     — 结合主观判断执行。在检查结果中明确标记
    [H]
在报告中为每个检查结果标记
[P]
[H]
,以便读者了解结果的可信度。

Notes

注意事项

  • Privacy first: All code analysis happens locally. Nothing is sent to external services.
  • Kahuna enhances, not requires: The skill works standalone with built-in rules. Kahuna adds organization-specific knowledge.
  • Be specific: Include file names and line numbers when reporting issues.
  • Explain the "why": Help developers understand why each rule matters.
  • Honor existing configs: Respect project's existing lint rules, 
    .editorconfig
    , etc.
  • 隐私优先: 所有代码分析均在本地完成,不会发送至外部服务。
  • Kahuna为增强项,非必需项: 本技能可独立运行,使用内置规则。Kahuna可添加组织特定的知识。
  • 具体明确: 报告问题时需包含文件名和行号。
  • 解释原因: 帮助开发者理解每条规则的重要性。
  • 尊重现有配置: 遵循项目已有的lint规则、
    .editorconfig
    等配置。