review-policy-builder
Compare original and translation side by side
🇺🇸
Original
English🇨🇳
Translation
Chinesereview-policy-builder
审查策略构建器
Create and maintain the project-specific review policy consumed by .
agentic-reviewThis skill is interview-first and evidence-grounded:
- derive what is already true from repo docs and ADRs
- mine high-confidence implementation conventions from the repository
- capture missing project/domain constraints from the user
- write structured policy artifacts in
<docs-dir>/review/policies/ - define review audit governance in for specialist attestation and completion rules
POLICY_INDEX.md
Read references/policy-contract.md before writing policy files. It is the canonical schema and includes onion/clean-architecture templates.
创建并维护供使用的项目特定审查策略。
agentic-review此技能以访谈为先导、以证据为基础:
- 从仓库文档和ADR中提取已有的规则
- 从仓库中挖掘高可信度的实现约定
- 收集用户提供的项目/领域缺失约束
- 在下编写结构化策略工件
<docs-dir>/review/policies/ - 在中定义审查审计治理规则,用于专业人员认证和完成规则
POLICY_INDEX.md
编写策略文件前,请阅读references/policy-contract.md。这是标准规范,包含洋葱/整洁架构模板。
Phase 1 — Verify prerequisites and locate <docs-dir>
<docs-dir>阶段1 — 验证前提条件并定位<docs-dir>
<docs-dir>This skill runs after .
setup-agentic-repository- Read root .
AGENTS.md - Discover from
<docs-dir>contract paths.AGENTS.md - Fallback: find and use its parent directory as
AGENTS_CONTEXT.md.<docs-dir> - Confirm required files:
AGENTS.md<docs-dir>/ENGINEERING.md<docs-dir>/AGENTS_CONTEXT.md- at least one
CONTEXT.md
- Optional but strongly preferred:
<docs-dir>/CONTEXT-MAP.md<docs-dir>/adr/*.md
If required files are missing, fail fast with actionable remediation: run/fix first.
setup-agentic-repository此技能需在之后运行。
setup-agentic-repository- 读取根目录下的文件。
AGENTS.md - 从的契约路径中发现
AGENTS.md。<docs-dir> - 备选方案:找到并将其父目录作为
AGENTS_CONTEXT.md。<docs-dir> - 确认所需文件:
AGENTS.md<docs-dir>/ENGINEERING.md<docs-dir>/AGENTS_CONTEXT.md- 至少一个
CONTEXT.md
- 可选但强烈推荐:
<docs-dir>/CONTEXT-MAP.md<docs-dir>/adr/*.md
如果缺少所需文件,快速失败并提供可执行的补救措施:先运行/修复。
setup-agentic-repositoryPhase 2 — Load baseline truth before asking questions
阶段2 — 在提问前加载基准规则
Read these sources first, then summarize extracted constraints:
- for global workflow and non-negotiables
AGENTS.md - for coding/testing/quality standards
<docs-dir>/ENGINEERING.md - (if present) and relevant
<docs-dir>/CONTEXT-MAP.mdfiles for module boundaries, public surfaces, invariants, and dependency direction hintsCONTEXT.md - for architecture decisions and constraints
<docs-dir>/adr/*.md
Extract candidate rules from those files into a working list tagged or .
source: derivedsource: adrDo not ask the user to restate anything already explicit in these files.
先读取以下来源,然后总结提取的约束:
- :全局工作流和不可协商规则
AGENTS.md - :编码/测试/质量标准
<docs-dir>/ENGINEERING.md - (如果存在)及相关
<docs-dir>/CONTEXT-MAP.md文件:模块边界、公共接口、不变量和依赖方向提示CONTEXT.md - :架构决策和约束
<docs-dir>/adr/*.md
从这些文件中提取候选规则,放入标记为或的工作列表。
source: derivedsource: adr不要要求用户重述这些文件中已明确说明的内容。
Phase 3 — Mine repository convention candidates (inheritance v1)
阶段3 — 挖掘仓库约定候选(继承规则v1)
Before interviewing, mine code-level conventions that can become automatable review checks.
Scope (v1):
- inheritance conventions only ()
check_type: inheritance_suffix
Mining workflow:
- Scan repository code (prioritize module-owned subtrees from /
CONTEXT-MAP.md) for class declarations and inheritance/base-type relationships.CONTEXT.md - Detect suffix-based inheritance candidates (for example extending
*Controller,*MainControllerextending*Service).*MainService - Build candidate evidence:
- class suffix
- expected base suffix
- sample count
- adoption ratio ()
matching_samples / total_samples - representative file+line evidence for matching and violating samples
- Candidate promotion defaults:
min_samples = 4min_adoption_ratio = 0.85
- Classify candidates:
- : meets both thresholds
promoted-candidate - : below threshold (show to user only when useful)
exploratory-candidate
Scoping defaults:
- module-first by subtree ownership
- if the same candidate is confirmed across multiple modules, promote to a global rule
Never persist mined conventions automatically. They must be explicitly confirmed in the interview.
在访谈前,挖掘可转化为自动化审查检查的代码级约定。
范围(v1):
- 仅继承约定()
check_type: inheritance_suffix
挖掘流程:
- 扫描仓库代码(优先处理/
CONTEXT-MAP.md中定义的模块所属子树),查找类声明和继承/基类关系。CONTEXT.md - 检测基于后缀的继承候选(例如继承自
*Controller,*MainController继承自*Service)。*MainService - 构建候选证据:
- 类后缀
- 预期基类后缀
- 样本数量
- 采用率()
匹配样本数 / 总样本数 - 匹配和违规样本的代表性文件+行号证据
- 候选晋升默认阈值:
min_samples = 4min_adoption_ratio = 0.85
- 候选分类:
- :满足两个阈值
promoted-candidate - :未达到阈值(仅在有用时展示给用户)
exploratory-candidate
范围默认规则:
- 按子树所属模块优先处理
- 如果同一候选在多个模块中得到确认,则晋升为全局规则
不要自动持久化挖掘到的约定。必须在访谈中得到明确确认。
Phase 4 — Structured interview for missing policy
阶段4 — 针对缺失策略的结构化访谈
Run a focused interview to capture project-specific review checks not present in baseline docs. Use and resolve one decision at a time.
AskUserQuestionTarget gaps:
- architecture integrity rules (onion/clean/hexagonal)
- allowed dependency direction and forbidden layer crossings
- call-flow restrictions (for example controller -> application -> domain -> infrastructure)
- inherited code conventions discovered in Phase 3 (candidate confirmation, severity, exceptions)
- module exceptions (allowed boundary breaks and justification)
- transaction/data integrity rules
- security/business-risk hotspots that deserve stricter scrutiny
Rules for the interview:
- propose concrete options with recommended defaults
- for each promoted convention candidate, request explicit confirm/reject
- when confirmed, capture severity and explicit allowed exceptions
- capture explicit exceptions and evidence requirements
- resolve ambiguities immediately; do not leave vague prose
- when user input conflicts with ADRs, mark conflict as in output artifacts
needs decision
开展聚焦访谈,收集基准文档中未涵盖的项目特定审查检查规则。使用,每次解决一个决策。
AskUserQuestion目标缺口:
- 架构完整性规则(洋葱/整洁/六边形架构)
- 允许的依赖方向和禁止的层交叉
- 调用流限制(例如controller -> application -> domain -> infrastructure)
- 阶段3中发现的继承代码约定(候选确认、严重程度、例外情况)
- 模块例外(允许的边界突破及理由)
- 事务/数据完整性规则
- 需要更严格审查的安全/业务风险热点
访谈规则:
- 提出带有推荐默认值的具体选项
- 对每个晋升的约定候选,请求明确的确认/拒绝
- 确认后,记录严重程度和明确允许的例外情况
- 记录明确的例外情况和证据要求
- 立即解决歧义;不要留下模糊描述
- 当用户输入与ADR冲突时,在输出工件中标记为
needs decision
Phase 5 — Write policy artifacts under <docs-dir>/review/policies/
<docs-dir>/review/policies/阶段5 — 在<docs-dir>/review/policies/
下编写策略工件
<docs-dir>/review/policies/Produce this contract:
- — cross-project rules and global constraints
global-policy.md - — one per module/context
module-<slug>.md- multi-context: derive from context rows in
<slug>CONTEXT-MAP.md - single-context: write one module file for the single context
- multi-context: derive
- — index and routing map:
POLICY_INDEX.md- module/context -> policy file
- primary subtree ownership
- policy version/updated metadata
- review audit contract for
agentic-review
Use the schema from . Each rule must include required metadata fields:
references/policy-contract.mdidtitle- (
scopeorglobal)module:<slug> - (
severity)critical|high|medium|low intentcheck_logicevidence_expectationallowed_exceptions- (
source)derived|user-specified|adr - (optional)
related_adr
Automation metadata (optional, recommended for deterministic checks):
- Add machine-usable metadata for confirmed inheritance conventions.
automation - For inheritance checks, set:
check_type: inheritance_suffix- (default)
apply_scope: changed-files - selector and expectation fields defined by the policy contract
Convention rule scoping:
- default to module policy files ()
module-<slug>.md - promote to only when the same convention is confirmed across modules
global-policy.md - keep module-specific exceptions local unless explicitly approved as global
POLICY_INDEX.mdReview Audit Contractaudit_contract_versioncompletion_mode: fail-closed- required attestation fields:
specialist_slugspecialist_typeassigned_scopestatussigned_atattestation_textoutput_artifact_path
- required specialist categories:
- module specialists always required
- cross-cut specialists required when routed by file semantics
- transparency mode:
summary + artifact links
生成以下契约:
- — 跨项目规则和全局约束
global-policy.md - — 每个模块/上下文对应一个文件
module-<slug>.md- 多上下文:从的上下文行中派生
CONTEXT-MAP.md<slug> - 单上下文:为单个上下文编写一个模块文件
- 多上下文:从
- — 索引和路由映射:
POLICY_INDEX.md- 模块/上下文 -> 策略文件
- 主要子树所属权
- 策略版本/更新元数据
- 供使用的审查审计契约
agentic-review
使用中的规范。每个规则必须包含必填元数据字段:
references/policy-contract.mdidtitle- (
scope或global)module:<slug> - (
severity)critical|high|medium|low intentcheck_logicevidence_expectationallowed_exceptions- (
source)derived|user-specified|adr - (可选)
related_adr
自动化元数据(可选,推荐用于确定性检查):
- 为已确认的继承约定添加机器可读取的元数据。
automation - 对于继承检查,设置:
check_type: inheritance_suffix- (默认值)
apply_scope: changed-files - 策略契约中定义的选择器和预期字段
约定规则范围:
- 默认放入模块策略文件()
module-<slug>.md - 仅当同一约定在多个模块中得到确认时,才晋升到
global-policy.md - 模块特定例外情况保持本地化,除非明确批准为全局规则
POLICY_INDEX.mdReview Audit Contractaudit_contract_versioncompletion_mode: fail-closed- 必填认证字段:
specialist_slugspecialist_typeassigned_scopestatussigned_atattestation_textoutput_artifact_path
- 必填专业人员类别:
- 始终需要模块专业人员
- 当按文件语义路由时,需要跨领域专业人员
- 透明模式:
summary + artifact links
Phase 6 — Update/merge behavior on reruns
阶段6 — 重新运行时的更新/合并行为
If policy files already exist:
- merge/update in place; do not overwrite blindly
- preserve stable values for unchanged rules
id - update metadata and content for modified rules
- mark obsolete rules as deprecated; do not silently delete history
- keep synchronized with current module list
POLICY_INDEX.md
Conflict handling:
- if a new/updated rule contradicts ADR constraints, mark it as and document the conflict in both impacted policy file and
needs decisionPOLICY_INDEX.md
如果策略文件已存在:
- 原地合并/更新;不要盲目覆盖
- 保留未更改规则的稳定值
id - 更新修改后规则的元数据和内容
- 将过时规则标记为已弃用;不要静默删除历史记录
- 保持与当前模块列表同步
POLICY_INDEX.md
冲突处理:
- 如果新/更新的规则与ADR约束冲突,将其标记为,并在受影响的策略文件和
needs decision中记录冲突POLICY_INDEX.md
Phase 7 — Integration contract for agentic-review
agentic-review阶段7 — 与agentic-review
的集成契约
agentic-reviewThis skill must produce artifacts that can consume deterministically:
agentic-review- policy location:
<docs-dir>/review/policies/ - expected files:
POLICY_INDEX.mdglobal-policy.mdmodule-<slug>.md
- each rule has machine-usable metadata fields (no prose-only rules)
- inheritance convention rules that should run automatically include
automation.check_type: inheritance_suffix - includes a machine-readable
POLICY_INDEX.mdsectionReview Audit Contract
Document in :
POLICY_INDEX.md- which modules have policy coverage
- which rules are global vs module-scoped
- which rules are automatable (, scope, and owning policy file)
check_type - review audit contract values (,
audit_contract_version, required attestation fields, required specialist categories, transparency mode)completion_mode - any conflicts unresolved at authoring time
needs decision
此技能必须生成可确定性读取的工件:
agentic-review- 策略位置:
<docs-dir>/review/policies/ - 预期文件:
POLICY_INDEX.mdglobal-policy.mdmodule-<slug>.md
- 每个规则都有机器可读取的元数据字段(无纯文本规则)
- 应自动运行的继承约定规则包含
automation.check_type: inheritance_suffix - 包含机器可读的
POLICY_INDEX.md部分Review Audit Contract
在中记录:
POLICY_INDEX.md- 哪些模块有策略覆盖
- 哪些规则是全局规则 vs 模块范围规则
- 哪些规则可自动化(、范围和所属策略文件)
check_type - 审查审计契约值(、
audit_contract_version、必填认证字段、必填专业人员类别、透明模式)completion_mode - 编写时未解决的冲突
needs decision
Phase 8 — Report back
阶段8 — 反馈报告
Tell the user:
- which files were created/updated
- which rules were derived vs user-specified
- which mined convention candidates were confirmed, rejected, or deferred
- which review audit contract values were set in
POLICY_INDEX.md - unresolved conflicts
needs decision - which modules still need policy refinement
- artifact hygiene outcome (what entries were added, or that no changes were applied)
.gitignore
At the end of every run, add an artifact-hygiene decision step before finishing:
- Explain that produces multiple generated artifacts under
agentic-review:<docs-dir>/review/- (plan)
review-plan-*.md - (full scoped diffs)
review-plan-*.diffs/ - (raw specialist outputs)
review-result-*.specialists/ - (human-readable summary)
review-result-*.md - (machine-readable manifest)
review-manifest-*.json
- Explain the tradeoff explicitly:
- keeping these files tracked preserves review/audit history
- ignoring some or all reduces repository noise
- Ask the user to choose one ignore strategy with :
AskUserQuestion
yaml
questions:
- question: "Would you like me to update `.gitignore` for generated `agentic-review` artifacts?"
header: "Review Artifacts"
multiSelect: false
options:
- label: "Ignore all review artifacts (Recommended)"
description: "Add ignore patterns for plans, diff directories, specialist outputs, result summaries, and manifests."
- label: "Ignore diff files only"
description: "Ignore only `review-plan-*.diffs/` directories and keep other review artifacts tracked."
- label: "Keep review artifacts tracked"
description: "Do not modify `.gitignore`."Apply deterministic mapping to root :
.gitignore- :
Ignore all review artifacts (Recommended)<docs-dir>/review/review-plan-*.md<docs-dir>/review/review-plan-*.diffs/<docs-dir>/review/review-result-*.specialists/<docs-dir>/review/review-result-*.md<docs-dir>/review/review-manifest-*.json
- :
Ignore diff files only<docs-dir>/review/review-plan-*.diffs/
- :
Keep review artifacts tracked- no changes
.gitignore
- no
Idempotency requirements:
- never add duplicate lines
.gitignore - preserve existing content order except for appended new lines when needed
.gitignore - if all required lines already exist for the chosen option, report instead of rewriting
no-op
Do not commit changes. The user reviews policy artifacts first.
告知用户:
- 创建/更新了哪些文件
- 哪些规则是派生的 vs 用户指定的
- 哪些挖掘的约定候选被确认、拒绝或推迟
- 中设置了哪些审查审计契约值
POLICY_INDEX.md - 未解决的冲突
needs decision - 哪些模块仍需策略优化
- 工件清理结果(添加了哪些条目,或未应用任何更改)
.gitignore
在每次运行结束时,完成前添加一个工件清理决策步骤:
- 说明会在
agentic-review下生成多个工件:<docs-dir>/review/- (审查计划)
review-plan-*.md - (完整范围差异)
review-plan-*.diffs/ - (原始专业人员输出)
review-result-*.specialists/ - (人类可读摘要)
review-result-*.md - (机器可读清单)
review-manifest-*.json
- 明确解释权衡:
- 跟踪这些文件可保留审查/审计历史
- 忽略部分或全部文件可减少仓库冗余
- 使用让用户选择一种忽略策略:
AskUserQuestion
yaml
questions:
- question: "Would you like me to update `.gitignore` for generated `agentic-review` artifacts?"
header: "Review Artifacts"
multiSelect: false
options:
- label: "Ignore all review artifacts (Recommended)"
description: "Add ignore patterns for plans, diff directories, specialist outputs, result summaries, and manifests."
- label: "Ignore diff files only"
description: "Ignore only `review-plan-*.diffs/` directories and keep other review artifacts tracked."
- label: "Keep review artifacts tracked"
description: "Do not modify `.gitignore`."将选择映射到根目录:
.gitignore- :
Ignore all review artifacts (Recommended)<docs-dir>/review/review-plan-*.md<docs-dir>/review/review-plan-*.diffs/<docs-dir>/review/review-result-*.specialists/<docs-dir>/review/review-result-*.md<docs-dir>/review/review-manifest-*.json
- :
Ignore diff files only<docs-dir>/review/review-plan-*.diffs/
- :
Keep review artifacts tracked- 不修改
.gitignore
- 不修改
幂等性要求:
- 绝不添加重复的行
.gitignore - 保留现有内容顺序,仅在需要时追加新行
.gitignore - 如果所选选项的所有必填行已存在,则报告而非重写
no-op
不要提交更改。用户需先审查策略工件。