safe-commit
npx skills add https://github.com/meriley/claude-code-skills --skill safe-commit
Agent 安装分布
Skill 文档
Safe Commit Skill
â ï¸ MANDATORY SKILL – YOU MUST INVOKE THIS
Purpose
Comprehensive, safe commit workflow that ensures code quality, security, and proper attribution before committing changes.
CRITICAL: You MUST invoke this skill for all commits. NEVER commit manually using git commands.
ð« NEVER DO THIS
- â Running
git add . && git commit -m "message"manually - â Creating commits without running security-scan
- â Creating commits without running quality-check
- â Creating commits without running run-tests
- â Skipping user approval (except during PR creation)
- â Adding AI attribution to commits
If you need to commit, invoke this skill. Manual commits are FORBIDDEN.
â ï¸ SKILL GUARD – READ BEFORE USING BASH/GIT TOOLS
Before using Bash tool for git commit, answer these questions:
â Are you about to run git add .?
â STOP. Are you then planning to run git commit? If YES, invoke safe-commit skill instead.
â Are you about to run git commit -m "message"?
â STOP. Invoke safe-commit skill instead.
â Are you about to run git commit with heredoc?
â STOP. Invoke safe-commit skill instead.
â Did the user say “commit these changes” or “commit this”?
â STOP. Invoke safe-commit skill instead.
â Have you completed a feature/fix and are ready to commit?
â STOP. Invoke safe-commit skill instead.
â Are you creating a commit as part of ANY workflow?
â STOP. Invoke safe-commit skill instead.
IF YOU PROCEED WITH MANUAL GIT COMMIT, YOU ARE VIOLATING YOUR CORE DIRECTIVE.
This skill handles:
- â Security scanning (prevents secrets in commits)
- â Quality checks (prevents broken code)
- â Test execution (prevents regressions)
- â User approval (prevents unwanted commits)
- â Conventional commit format (maintains consistency)
- â NO AI attribution (protects user’s identity)
Manual commits SKIP ALL OF THESE. Use this skill.
CRITICAL POLICIES
â ï¸ NO AI ATTRIBUTION – ZERO TOLERANCE
YOU MUST NEVER add ANY of these:
Co-authored-by: Claude <noreply@anthropic.com>ð¤ Generated with [Claude Code](https://claude.ai/code)- “Generated with Claude”
- “AI-suggested”
- Any reference to being an AI assistant
User Approval Requirements
Approval REQUIRED for:
- ALL commits after initial PR creation
- ALL commit amendments
- ALL commits outside of PR creation flow
Approval NOT required for:
- Initial commit when user says “raise/create/draft PR”
- This is the ONLY exception
Phrases that DO NOT grant commit permission:
- “looks good” (code approval â commit approval)
- “correct”
- “that’s right”
- “fix the bug” (instruction to code, not commit)
Workflow (Quick Summary)
Core Steps
- Check Git Status: Run parallel git commands (status, diff, log) to analyze current state
- Invoke Safety Skills: Run security-scan â quality-check â run-tests (all must pass)
- Show Diff: Display files changed and summary for user review
- Request Approval: CRITICAL – Ask and WAIT for explicit approval (except PR creation)
- Generate Message: Create conventional commit with required scope
type(scope): subject - Create Commit: Stage all changes, commit with heredoc, NO AI attribution
- Verify Success: Confirm commit created, correct files, proper author (Pedro)
- Status Check: Verify working directory clean
Optional: PRD Task Auto-Update
If commit message contains [PRD Task N] or [Task N], automatically update progress tracker in PRD file.
For detailed workflow with git commands, message examples, and verification steps:
Read `~/.claude/skills/safe-commit/references/WORKFLOW-STEPS.md`
Use when: Performing commit, need specific git commands, or want detailed examples
For PRD task auto-update details:
Read `~/.claude/skills/safe-commit/references/PRD-TASK-UPDATE.md`
Use when: Working with PRD tracking or implementing progress automation
For pre-commit hook handling:
Read `~/.claude/skills/safe-commit/references/PRE-COMMIT-HOOKS.md`
Use when: Dealing with hook-modified files or commit amendment scenarios
Integration with Other Skills
This skill invokes:
security-scan– Step 2.1quality-check– Step 2.2run-tests– Step 2.3
This skill is invoked by:
create-pr– As part of PR creation workflow
Exception: PR Creation Flow
When invoked by create-pr skill:
- Skip Step 4 (user approval)
- Proceed directly to commit
- This is the ONLY time auto-commit is allowed
The create-pr skill is only invoked when user explicitly says “raise/create/draft PR”
Error Handling
If security scan fails:
â Cannot commit: Security issues detected
[Details from security-scan skill]
Please fix security issues and try again.
If quality check fails:
â Cannot commit: Code quality issues detected
[Details from quality-check skill]
Please fix linter/formatter issues and try again.
If tests fail:
â Cannot commit: Tests failing or coverage below threshold
[Details from run-tests skill]
Please fix failing tests and improve coverage, then try again.
If git commit fails:
â Commit failed
Error: [git error message]
Possible causes:
- Pre-commit hook failure
- Git configuration issue
- File system permissions
Please investigate and retry.
Best Practices
- Always run in order – Security â Quality â Tests â Commit
- No skipping checks – All must pass
- Get explicit approval – Don’t assume permission (except PR creation)
- Descriptive messages – Help future you understand why
- Proper scopes – Never omit scope from commit message
- Verify attribution – Always ensure Pedro is sole author
- Clean commits – Stage all changes, commit once
Commit Message Quality Checklist
Before committing, verify message has:
- â
Type and scope in format:
type(scope): - â Imperative mood in subject
- â Subject ⤠50 characters
- â Body explains why (if needed)
- â References issues/tickets (if applicable)
- â NO AI attribution anywhere
- â NO Co-authored-by tags
Emergency Override
If user explicitly states “force commit” or “skip checks”:
YOU MUST:
- Warn about risks
- List which checks are being skipped
- Get explicit re-confirmation
- Document in commit message what was skipped
- Create follow-up ticket for remediation
This should be EXTREMELY RARE.