Requirements
- Target platform
- OpenClaw
- Install method
- Manual import
- Extraction
- Extract archive
- Prerequisites
- OpenClaw
- Primary doc
- SKILL.md
Tencent SkillHub · Developer Tools
Quality Gates
Quality checkpoints at every development stage — pre-commit through post-deploy — with configuration examples, threshold tables, bypass protocols, and CI/CD integration. Use when setting up quality automation, configuring CI pipelines, establishing coverage thresholds, or defining deployment requirements.
skill openclawclawhub Free
Quality checkpoints at every development stage — pre-commit through post-deploy — with configuration examples, threshold tables, bypass protocols, and CI/CD integration. Use when setting up quality automation, configuring CI pipelines, establishing coverage thresholds, or defining deployment requirements.
⬇ 0 downloads ★ 0 stars Unverified but indexed
Install for OpenClaw
Quick setup
- Download the package from Yavira.
- Extract the archive and review SKILL.md first.
- Import or place the package into your OpenClaw setup.
Package facts
- Download mode
- Yavira redirect
- Package format
- ZIP package
- Source platform
- Tencent SkillHub
- What's included
- README.md, SKILL.md
Validation
- Use the Yavira download entry.
- Review SKILL.md after the package is downloaded.
- Confirm the extracted package contains the expected setup assets.
Install with your agent
Agent handoff
Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.
- Download the package from Yavira.
- Extract it into a folder your agent can access.
- Paste one of the prompts below and point your agent at the extracted folder.
New install
I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Then review README.md for any prerequisites, environment setup, or post-install checks. Tell me what you changed and call out any manual steps you could not complete.
Upgrade existing
I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Then review README.md for any prerequisites, environment setup, or post-install checks. Summarize what changed and any follow-up checks I should run.
Trust & source
Release facts
- Source
- Tencent SkillHub
- Verification
- Indexed source record
- Version
- 0.1.0
Provenance
- Publisher
- wpank
- Source page
- View original listing
- Canonical URL
- Open canonical page
Documentation
Quality Gates
Enforce quality checkpoints at every stage of the development lifecycle. Each gate defines what is checked, when it runs, and whether it blocks progression.
When to Use
Before committing — catch lint errors, formatting issues, type errors, and secrets before they enter history Before merging — ensure full test suites pass, coverage thresholds are met, and code has been reviewed Before deploying — validate integration tests, security scans, and performance budgets in staging During code review — verify that all automated gates have passed and manual review criteria are satisfied After deploying — monitor health checks, error rates, and performance baselines
Gate Overview
GateWhenChecksBlocking?Pre-commitgit commitLint, format, type-check, secrets scanYesPre-pushgit pushUnit tests, build verificationYesPre-mergePR/MR approvalFull test suite, code review, coverage thresholdYesPre-deploy (staging)Deploy to stagingIntegration tests, smoke tests, security scanYesPre-deploy (production)Deploy to productionStaging verification, load test, rollback planYesPost-deployAfter production deployHealth checks, error rate monitoring, perf baselinesAlerting
Husky + lint-staged (Node.js)
{ "lint-staged": { "*.{js,ts,tsx}": ["eslint --fix", "prettier --write"], "*.{json,md,yaml}": ["prettier --write"] } } npx husky init echo "npx lint-staged" > .husky/pre-commit
Pre-commit framework (Python)
# .pre-commit-config.yaml repos: - repo: https://github.com/pre-commit/pre-commit-hooks rev: v4.6.0 hooks: - id: trailing-whitespace - id: end-of-file-fixer - id: check-yaml - id: check-added-large-files - repo: https://github.com/astral-sh/ruff-pre-commit rev: v0.6.0 hooks: - id: ruff args: [--fix] - id: ruff-format - repo: https://github.com/pre-commit/mirrors-mypy rev: v1.11.0 hooks: - id: mypy
Secrets Scanning (pre-commit hook)
#!/bin/sh # .git/hooks/pre-commit gitleaks protect --staged --verbose if [ $? -ne 0 ]; then echo "Secrets detected. Commit blocked." exit 1 fi
GitHub Actions
name: Quality Gates on: pull_request: branches: [main] jobs: lint-and-typecheck: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - uses: actions/setup-node@v4 - run: npm ci - run: npm run lint - run: npm run typecheck unit-tests: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - uses: actions/setup-node@v4 - run: npm ci - run: npm test -- --coverage - name: Check coverage threshold run: | COVERAGE=$(jq '.total.lines.pct' coverage/coverage-summary.json) if (( $(echo "$COVERAGE < 80" | bc -l) )); then echo "Coverage $COVERAGE% is below 80% threshold" exit 1 fi security-scan: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - run: npm audit --audit-level=high - uses: gitleaks/gitleaks-action@v2 build: needs: [lint-and-typecheck, unit-tests, security-scan] runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - uses: actions/setup-node@v4 - run: npm ci - run: npm run build Set these as required status checks in branch protection rules so PRs cannot merge until all gates pass.
Coverage Gates
TypeMinimum ThresholdNotesUnit tests80% line coveragePer-file and aggregateIntegration tests60% of integration pointsAPI endpoints, DB queriesE2E tests100% of critical pathsAuth, checkout, core workflowsNo decrease rule0% regression allowedNew code must not lower overall coverage
Enforcing Thresholds
// jest.config.js or vitest.config.ts { "coverageThreshold": { "global": { "branches": 75, "functions": 80, "lines": 80, "statements": 80 } } } For the no decrease rule, compare coverage against the base branch in CI and fail if the delta is negative.
Dependency Scanning
EcosystemToolCommandNode.jsnpm auditnpm audit --audit-level=highPythonpip-auditpip-audit --strictRustcargo auditcargo auditGogovulncheckgovulncheck ./...UniversalTrivytrivy fs --severity HIGH,CRITICAL .
Secret Detection
ToolUse CaseCommandgitleaksPre-commit and CIgitleaks protect --stagedTruffleHogDeep history scantrufflehog git file://. --only-verifieddetect-secretsBaseline-aware scanningdetect-secrets scan --baseline .secrets.baseline
Bundle Size Budgets
{ "bundlesize": [ { "path": "dist/main.*.js", "maxSize": "150 kB" }, { "path": "dist/vendor.*.js", "maxSize": "250 kB" }, { "path": "dist/**/*.css", "maxSize": "30 kB" } ] }
Lighthouse CI Thresholds
{ "ci": { "assert": { "assertions": { "categories:performance": ["error", { "minScore": 0.9 }], "categories:accessibility": ["error", { "minScore": 0.95 }], "categories:best-practices": ["error", { "minScore": 0.9 }], "first-contentful-paint": ["error", { "maxNumericValue": 2000 }], "largest-contentful-paint": ["error", { "maxNumericValue": 2500 }], "cumulative-layout-shift": ["error", { "maxNumericValue": 0.1 }] } } } }
API Response Time Limits
Endpoint TypeP50P95P99Read (GET)< 100ms< 300ms< 500msWrite (POST/PUT)< 200ms< 500ms< 1000msSearch/aggregate< 300ms< 800ms< 2000msHealth check< 50ms< 100ms< 200ms Enforce via load testing tools (k6, Artillery) in CI with pass/fail thresholds.
Required Approvals
Change ScopeApprovals RequiredStandard code changes1 approval minimumInfrastructure, auth, payments, data models2 approvalsDependency updates, cryptographic changesSecurity team approval
CODEOWNERS
# .github/CODEOWNERS * @team/engineering /infra/ @team/platform /src/auth/ @team/security /src/payments/ @team/payments @team/security *.sql @team/data-engineering Dockerfile @team/platform
When Bypass Is Acceptable
Hotfixes for production incidents with active user impact Trivial changes (typos, comments) where automated checks are overkill Dependency updates that break CI due to upstream issues (not your code)
Required Documentation for Every Bypass
Reason — why the gate cannot pass right now Risk assessment — what could go wrong by skipping Follow-up ticket — link to an issue that tracks resolving the bypass Approver — name of the senior engineer or lead who authorized the bypass
NEVER Do
NEVER disable gates permanently — fix the root cause, don't remove the guardrail NEVER commit secrets — even to "test" branches; git history is forever NEVER skip tests to unblock a deploy — if tests fail, the code is not ready NEVER merge with failing required checks — admin merge bypasses erode team trust NEVER set coverage thresholds to 0% — even a low threshold is better than none NEVER bypass security scans for speed — vulnerabilities in production cost far more than CI minutes NEVER rely solely on post-deploy gates — catching issues after users are impacted is damage control, not quality NEVER treat alerting gates as optional — post-deploy monitoring exists because pre-deploy gates cannot catch everything; ignoring alerts defeats the purpose
Category context
Code helpers, APIs, CLIs, browser automation, testing, and developer operations.
Source: Tencent SkillHub
Largest current source with strong distribution and engagement signals.
Package contents
Included in package
2 Docs
- SKILL.md
- README.md