agentskills.codes

Use when verification with evidence is needed — not assumptions. Trigger for 'check my code', 'is this ready to merge', 'run the tests', 'is coverage good enough', 'scan for security issues', 'does this meet our standards', 'prove it works', 'is this ready to ship', 'run the release checks', 'pre-re

Install

mkdir -p .claude/skills/ai-verify && curl -L -o skill.zip "https://agentskills.codes/api/skills/download/14876" && unzip -o skill.zip -d .claude/skills/ai-verify && rm skill.zip

Installs to .claude/skills/ai-verify

Activation

This is the description your AI agent reads to decide when to run this skill — the better it matches your request, the more reliably it fires.

Use when verification with evidence is needed — not assumptions. Trigger for 'check my code', 'is this ready to merge', 'run the tests', 'is coverage good enough', 'scan for security issues', 'does this meet our standards', 'prove it works', 'is this ready to ship', 'run the release checks', 'pre-release checklist', 'GO/NO-GO'. Runs 2 specialists post-W3 (deterministic, acceptance) with `normal` implicit and `--full` explicit; the `--release` mode flag aggregates 8-dimension release readiness (coverage, security, tests, lint, dependencies, types, docs, packaging) and emits GO/CONDITIONAL GO/NO-GO. For narrative code review with human judgment, use /ai-review instead.
675 chars✓ has a “when” triggerlonger than Claude Code's old 250-char listing cap (fine on current versions)

About this skill

Verify

Quick start

/ai-verify                      # normal: deterministic + LLM judgment
/ai-verify --full               # one agent per specialist
/ai-verify quality              # deterministic quality scan only
/ai-verify platform             # 2-specialist aggregate verdict (post-W3)
/ai-verify --release            # 8-dimension release-readiness gate (GO|CONDITIONAL GO|NO-GO)
/ai-verify --release v2.0       # tag-specific release run

Workflow

Evidence before claims. Two faces: (1) a verification protocol that proves claims with commands, and (2) a specialist verification surface that aggregates deterministic evidence into merge-readiness judgments. Same principle: run the command, read the output, check the exit code. No guessing. This SKILL.md owns the user-facing contract; verifier agent files provide specialist lenses and must not redefine mode semantics.

  1. Step 0 — load stack contexts: read .ai-engineering/manifest.yml providers.stacks and apply .ai-engineering/overrides/<stack>/conventions.md for each stack.
  2. Dependency preflight — verify .github/skills/ai-verify/handlers/verify.md plus required .github/agents/verifier-*.md files exist for the selected mode (normal and --full both require deterministic + acceptance post-W3; individual modes require only the matching specialist). STOP and report exact missing path(s) — never improvise.
  3. Run protocol — run the IRRV protocol: per claim, identify command → run → capture output + exit code → classify CONFIRMED (exit 0 + expected) or REFUTED.
  4. Dispatch specialists via the Agent tool (never read them inline). Output is always reported by original specialist lens.

Dispatch threshold

Dispatch the ai-verify agent for any merge-readiness check, scan, or evidence-backed claim. Hand off via Agent tool — each specialist runs in its own context window. The agent file (.github/agents/verify.agent.md) is the orchestrator handle; the procedural contract — modes, profiles, output contract — lives here.

When to Use

  • Before claiming "it works" (run the test, show the output)
  • Before claiming "it's secure" (run the scan, show the findings)
  • Before claiming "Done!" (verify every acceptance criterion with evidence)
  • When running quality/security/governance scans on a codebase

Specialist Roster & Modes

Spec-140 W3 collapsed the verifier roster: verifier-governance + verifier-feature merged into verifier-acceptance; verifier-architecture's heuristics moved to /ai-advise (advisory non-blocking) and the standalone verifier was deleted.

SpecialistAgent FileLens
deterministicverifier-deterministic.mdSecurity, quality, dependencies, tests (tool-driven)
acceptanceverifier-acceptance.mdSpec coverage, acceptance criteria, governance compliance, ownership boundaries, gate enforcement (LLM; merged from governance + feature)
ModeWhat runs
normal (implicit)2 macro-agents: deterministic first, then acceptance (single LLM macro)
--fullSame 2 specialists, dispatched explicitly in parallel after deterministic
quality / securityDeterministic agent only (one scan slice)
acceptance / governance / featureAcceptance specialist only (the governance / feature aliases preserved for operator muscle memory)
platformAggregate verdict over deterministic + acceptance
--release [version]8-dimension release-readiness gate (D-127-10, absorbs the legacy /ai-verify --release skill). Stack-detected (Python/JS/Rust/Go); aggregates coverage (≥ manifest threshold), security (gitleaks + semgrep + pip-audit, zero crit/high), tests (100% pass), lint (zero unfixable), dependency vulns (zero known CVEs unless risk-accepted in decision-store.json), types (zero errors), documentation coherence (CHANGELOG current), packaging integrity (build clean). Verdict is GO (all PASS) / CONDITIONAL GO (PASS with risk acceptances) / NO-GO (≥1 blocker). Closure path printed for NO-GO.

Both profiles run the same two specialists — difference is grouping (single macro vs. parallel), not coverage. Deterministic always runs first and feeds the acceptance judgment. Architecture lens runs as advisory through /ai-advise drift rather than as a blocking verify lens. See handlers/verify.md for orchestration.

Output Contract

Every scan mode produces score / verdict (PASS/WARN/FAIL) / profile / specialist table / findings table grouped by specialist / gate check (blocker + critical thresholds).

ModeBlocker if…Critical if…
deterministicAny secret detected, any test failureCoverage < 80%, critical lint
acceptanceSpec goal missing, integrity FAIL, suppression addedAcceptance criterion unmet, compliance FAIL, count drift
platformAny blocker in ANY modeScore < 60

Verification Checklist (before claiming DONE)

  • Every acceptance criterion verified with a command
  • All tests pass (exact count reported)
  • Lint/format clean (zero warnings)
  • No secrets in staged files
  • Coverage maintained or improved (exact % reported)
  • No forbidden words used in the completion report

Common Mistakes

  • Claiming success without running the command
  • Assuming --full adds specialist coverage instead of changing decomposition
  • Pretending a specialist did not run instead of reporting not applicable
  • Ignoring warnings when exit code is 0
  • Using forbidden words ("should work") instead of evidence
  • Reading specialist agent files inline instead of dispatching via Agent tool

Examples

Example 1 — pre-merge platform sweep

User: "is this branch ready to merge?"

/ai-verify platform

Dispatches deterministic + acceptance in parallel (post-W3 the roster is 2), aggregates findings, scores against the gate, returns PASS / WARN / FAIL with evidence per finding.

Example 2 — quality-only sweep mid-implementation

User: "before I keep going, run the quality checks"

/ai-verify quality

Runs the deterministic specialist (lint, format, type-check, tests, coverage), reports findings inline so the build loop can fix in place.

Example 3 — release readiness gate

User: "is the v2.0 branch ready to ship?"

/ai-verify --release v2.0

Aggregates 8 dimensions, scores against manifest thresholds, emits GO / CONDITIONAL GO / NO-GO with evidence per dimension and remediation hints (D-127-10; replaces /ai-verify --release).

Integration

Called by: /ai-build (post-task), /ai-autopilot (Phase 5), user directly. Dispatches: verifier-deterministic, verifier-acceptance agents (post-W3 roster of 2). Read-only: never modifies code. See also: /ai-review (narrative review), /ai-advise (advisory architecture lens), /ai-reliability-eval (AI reliability over time), /ai-security (deep CVE/SBOM only), /ai-governance (compliance, risk acceptance).

$ARGUMENTS

More by arcasilesgroup

View all by arcasilesgroup

ai-docs

arcasilesgroup

Manages the documentation lifecycle: CHANGELOG, README, solution-intent architecture docs, external docs portals, and documentation quality gates. Auto-invoked by /ai-pr. Trigger for 'update the changelog', 'the README is stale', 'document this feature', 'docs portal needs updating', 'did we documen

00

ai-code

arcasilesgroup

Writes production code that satisfies stack-context standards on the first pass: interface-first design, backward-compatibility checks, lightweight self-review. Trigger for 'implement this', 'write the code for', 'add X to Y', 'build this function', 'make this work'. Not for tests; use /ai-test inst

00

ai-learn

arcasilesgroup

Extracts lessons from merged PR review feedback by analyzing what reviewers caught, identifying missed checks, and writing entries directly to LESSONS.md. Trigger for 'the AI keeps doing X wrong', 'learn from this PR', 'what patterns did reviewers catch', 'update our standards from feedback'. Not fo

00

ai-media

arcasilesgroup

Generates images, videos, and audio via AI models (fal-ai MCP): cheap iteration models, expensive production finals, cost-estimate before generation. Trigger for 'generate an image', 'create a thumbnail', 'make a voiceover', 'AI video', 'text to speech for'. Not for design composition; use /ai-visua

00

ai-issue

arcasilesgroup

Creates a project work-item (issue / task / story) on the user's configured board: routes by manifest `work_items.provider` (GitHub Projects v2 or Azure DevOps), composes title + body + labels, attaches to the active board, and confirms a clickable link. Trigger for 'open an issue', 'file a bug', 'c

00

ai-design

arcasilesgroup

Designs user interfaces and design systems for web, mobile, CLI, and documentation-heavy experiences: aesthetic direction, color palettes, typography, spatial composition, information architecture. Trigger for 'design this page', 'create a design system', 'what style should we use', 'UI for this fea

00

Search skills

Search the agent skills registry