Quality Gates
PassAudited by ClawScan on May 1, 2026.
Overview
This is a coherent instruction-only quality automation guide; it contains project/CI-changing examples and an external install command users should apply deliberately.
This skill appears safe as an instruction-only quality-gates guide. Before installing or using it, verify the optional GitHub/npx install source, and review any Git hooks, CI workflows, coverage thresholds, branch protections, or bypass rules before applying them to a real project or team repository.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If applied without review, these examples can block commits or change local development workflow.
The skill documents commands that create or overwrite project Git hook files. This is directly related to pre-commit quality gates, but it changes repository behavior.
npx husky init echo "npx lint-staged" > .husky/pre-commit
Apply these snippets only in the intended repository, review generated files, and adjust checks before enforcing them for a team.
Incorrect or overly strict gates could block legitimate pull requests or slow releases.
The skill recommends enabling blocking repository controls. This is purpose-aligned for quality gates, but it can affect merging and deployment workflows.
Set these as **required status checks** in branch protection rules so PRs cannot merge until all gates pass.
Pilot gates before making them required, document bypass procedures, and ensure maintainers can adjust or roll back branch protection settings.
Running the install command would trust content from that remote repository path.
The README provides an optional remote npx installation command from a GitHub path while the registry lists the source as unknown and no homepage is provided. This is not automatic behavior, but it is an external provenance point users should verify.
npx add https://github.com/wpank/ai/tree/main/skills/testing/quality-gates
Verify the repository and contents before running the npx command, and prefer a pinned release or reviewed package source when possible.