# Send Quality Gates to your agent Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually. ## Fast path - Download the package from Yavira. - Extract it into a folder your agent can access. - Paste one of the prompts below and point your agent at the extracted folder. ## Suggested prompts ### New install ```text I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Then review README.md for any prerequisites, environment setup, or post-install checks. Tell me what you changed and call out any manual steps you could not complete. ``` ### Upgrade existing ```text I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Then review README.md for any prerequisites, environment setup, or post-install checks. Summarize what changed and any follow-up checks I should run. ``` ## Machine-readable fields ```json { "schemaVersion": "1.0", "item": { "slug": "quality-gates", "name": "Quality Gates", "source": "tencent", "type": "skill", "category": "开发工具", "sourceUrl": "https://clawhub.ai/wpank/quality-gates", "canonicalUrl": "https://clawhub.ai/wpank/quality-gates", "targetPlatform": "OpenClaw" }, "install": { "downloadUrl": "/downloads/quality-gates", "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=quality-gates", "sourcePlatform": "tencent", "targetPlatform": "OpenClaw", "packageFormat": "ZIP package", "primaryDoc": "SKILL.md", "includedAssets": [ "README.md", "SKILL.md" ], "downloadMode": "redirect", "sourceHealth": { "source": "tencent", "slug": "quality-gates", "status": "healthy", "reason": "direct_download_ok", "recommendedAction": "download", "checkedAt": "2026-05-07T19:01:32.961Z", "expiresAt": "2026-05-14T19:01:32.961Z", "httpStatus": 200, "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=quality-gates", "contentType": "application/zip", "probeMethod": "head", "details": { "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=quality-gates", "contentDisposition": "attachment; filename=\"quality-gates-0.1.0.zip\"", "redirectLocation": null, "bodySnippet": null, "slug": "quality-gates" }, "scope": "item", "summary": "Item download looks usable.", "detail": "Yavira can redirect you to the upstream package for this item.", "primaryActionLabel": "Download for OpenClaw", "primaryActionHref": "/downloads/quality-gates" }, "validation": { "installChecklist": [ "Use the Yavira download entry.", "Review SKILL.md after the package is downloaded.", "Confirm the extracted package contains the expected setup assets." ], "postInstallChecks": [ "Confirm the extracted package includes the expected docs or setup files.", "Validate the skill or prompts are available in your target agent workspace.", "Capture any manual follow-up steps the agent could not complete." ] } }, "links": { "detailUrl": "https://openagent3.xyz/skills/quality-gates", "downloadUrl": "https://openagent3.xyz/downloads/quality-gates", "agentUrl": "https://openagent3.xyz/skills/quality-gates/agent", "manifestUrl": "https://openagent3.xyz/skills/quality-gates/agent.json", "briefUrl": "https://openagent3.xyz/skills/quality-gates/agent.md" } } ``` ## Documentation ### Quality Gates Enforce quality checkpoints at every stage of the development lifecycle. Each gate defines what is checked, when it runs, and whether it blocks progression. ### When to Use Before committing — catch lint errors, formatting issues, type errors, and secrets before they enter history Before merging — ensure full test suites pass, coverage thresholds are met, and code has been reviewed Before deploying — validate integration tests, security scans, and performance budgets in staging During code review — verify that all automated gates have passed and manual review criteria are satisfied After deploying — monitor health checks, error rates, and performance baselines ### Gate Overview GateWhenChecksBlocking?Pre-commitgit commitLint, format, type-check, secrets scanYesPre-pushgit pushUnit tests, build verificationYesPre-mergePR/MR approvalFull test suite, code review, coverage thresholdYesPre-deploy (staging)Deploy to stagingIntegration tests, smoke tests, security scanYesPre-deploy (production)Deploy to productionStaging verification, load test, rollback planYesPost-deployAfter production deployHealth checks, error rate monitoring, perf baselinesAlerting ### Husky + lint-staged (Node.js) { "lint-staged": { "*.{js,ts,tsx}": ["eslint --fix", "prettier --write"], "*.{json,md,yaml}": ["prettier --write"] } } npx husky init echo "npx lint-staged" > .husky/pre-commit ### Pre-commit framework (Python) # .pre-commit-config.yaml repos: - repo: https://github.com/pre-commit/pre-commit-hooks rev: v4.6.0 hooks: - id: trailing-whitespace - id: end-of-file-fixer - id: check-yaml - id: check-added-large-files - repo: https://github.com/astral-sh/ruff-pre-commit rev: v0.6.0 hooks: - id: ruff args: [--fix] - id: ruff-format - repo: https://github.com/pre-commit/mirrors-mypy rev: v1.11.0 hooks: - id: mypy ### Secrets Scanning (pre-commit hook) #!/bin/sh # .git/hooks/pre-commit gitleaks protect --staged --verbose if [ $? -ne 0 ]; then echo "Secrets detected. Commit blocked." exit 1 fi ### GitHub Actions name: Quality Gates on: pull_request: branches: [main] jobs: lint-and-typecheck: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - uses: actions/setup-node@v4 - run: npm ci - run: npm run lint - run: npm run typecheck unit-tests: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - uses: actions/setup-node@v4 - run: npm ci - run: npm test -- --coverage - name: Check coverage threshold run: | COVERAGE=$(jq '.total.lines.pct' coverage/coverage-summary.json) if (( $(echo "$COVERAGE < 80" | bc -l) )); then echo "Coverage $COVERAGE% is below 80% threshold" exit 1 fi security-scan: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - run: npm audit --audit-level=high - uses: gitleaks/gitleaks-action@v2 build: needs: [lint-and-typecheck, unit-tests, security-scan] runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - uses: actions/setup-node@v4 - run: npm ci - run: npm run build Set these as required status checks in branch protection rules so PRs cannot merge until all gates pass. ### Coverage Gates TypeMinimum ThresholdNotesUnit tests80% line coveragePer-file and aggregateIntegration tests60% of integration pointsAPI endpoints, DB queriesE2E tests100% of critical pathsAuth, checkout, core workflowsNo decrease rule0% regression allowedNew code must not lower overall coverage ### Enforcing Thresholds // jest.config.js or vitest.config.ts { "coverageThreshold": { "global": { "branches": 75, "functions": 80, "lines": 80, "statements": 80 } } } For the no decrease rule, compare coverage against the base branch in CI and fail if the delta is negative. ### Dependency Scanning EcosystemToolCommandNode.jsnpm auditnpm audit --audit-level=highPythonpip-auditpip-audit --strictRustcargo auditcargo auditGogovulncheckgovulncheck ./...UniversalTrivytrivy fs --severity HIGH,CRITICAL . ### Secret Detection ToolUse CaseCommandgitleaksPre-commit and CIgitleaks protect --stagedTruffleHogDeep history scantrufflehog git file://. --only-verifieddetect-secretsBaseline-aware scanningdetect-secrets scan --baseline .secrets.baseline ### Bundle Size Budgets { "bundlesize": [ { "path": "dist/main.*.js", "maxSize": "150 kB" }, { "path": "dist/vendor.*.js", "maxSize": "250 kB" }, { "path": "dist/**/*.css", "maxSize": "30 kB" } ] } ### Lighthouse CI Thresholds { "ci": { "assert": { "assertions": { "categories:performance": ["error", { "minScore": 0.9 }], "categories:accessibility": ["error", { "minScore": 0.95 }], "categories:best-practices": ["error", { "minScore": 0.9 }], "first-contentful-paint": ["error", { "maxNumericValue": 2000 }], "largest-contentful-paint": ["error", { "maxNumericValue": 2500 }], "cumulative-layout-shift": ["error", { "maxNumericValue": 0.1 }] } } } } ### API Response Time Limits Endpoint TypeP50P95P99Read (GET)< 100ms< 300ms< 500msWrite (POST/PUT)< 200ms< 500ms< 1000msSearch/aggregate< 300ms< 800ms< 2000msHealth check< 50ms< 100ms< 200ms Enforce via load testing tools (k6, Artillery) in CI with pass/fail thresholds. ### Required Approvals Change ScopeApprovals RequiredStandard code changes1 approval minimumInfrastructure, auth, payments, data models2 approvalsDependency updates, cryptographic changesSecurity team approval ### CODEOWNERS # .github/CODEOWNERS * @team/engineering /infra/ @team/platform /src/auth/ @team/security /src/payments/ @team/payments @team/security *.sql @team/data-engineering Dockerfile @team/platform ### When Bypass Is Acceptable Hotfixes for production incidents with active user impact Trivial changes (typos, comments) where automated checks are overkill Dependency updates that break CI due to upstream issues (not your code) ### Required Documentation for Every Bypass Reason — why the gate cannot pass right now Risk assessment — what could go wrong by skipping Follow-up ticket — link to an issue that tracks resolving the bypass Approver — name of the senior engineer or lead who authorized the bypass ### NEVER Do NEVER disable gates permanently — fix the root cause, don't remove the guardrail NEVER commit secrets — even to "test" branches; git history is forever NEVER skip tests to unblock a deploy — if tests fail, the code is not ready NEVER merge with failing required checks — admin merge bypasses erode team trust NEVER set coverage thresholds to 0% — even a low threshold is better than none NEVER bypass security scans for speed — vulnerabilities in production cost far more than CI minutes NEVER rely solely on post-deploy gates — catching issues after users are impacted is damage control, not quality NEVER treat alerting gates as optional — post-deploy monitoring exists because pre-deploy gates cannot catch everything; ignoring alerts defeats the purpose ## Trust - Source: tencent - Verification: Indexed source record - Publisher: wpank - Version: 0.1.0 ## Source health - Status: healthy - Item download looks usable. - Yavira can redirect you to the upstream package for this item. - Health scope: item - Reason: direct_download_ok - Checked at: 2026-05-07T19:01:32.961Z - Expires at: 2026-05-14T19:01:32.961Z - Recommended action: Download for OpenClaw ## Links - [Detail page](https://openagent3.xyz/skills/quality-gates) - [Send to Agent page](https://openagent3.xyz/skills/quality-gates/agent) - [JSON manifest](https://openagent3.xyz/skills/quality-gates/agent.json) - [Markdown brief](https://openagent3.xyz/skills/quality-gates/agent.md) - [Download page](https://openagent3.xyz/downloads/quality-gates)