igmarin/hanakai-yaku

Curated library of atomic AI agent skills for Hanami, dry-rb, and ROM Ruby development. Covers actions, slices, repositories, relations, changesets, providers, DI, operations, TDD, CLI, views, routing, and validation. Shared Ruby process skills have moved to ruby-core-skills. Uses Markdown + Front-matter architecture.

1.33x

Quality

94%

Does it follow best practices?

Impact

92%

1.33x

Average score across 35 eval scenarios

Securityby

Passed

No known issues

name:: review-code
license:: MIT
description:: Use when reviewing Hanami 2.x code, a Hanami app, or any hanami slice for quality and convention adherence. Covers single-responsibility Actions, dependency injection via Deps[], no direct container access, ROM query encapsulation in Repositories, entity usage, View simplicity, error handling, and test coverage. Triggers on phrases like 'review my Hanami code', 'check my action', 'code review', or 'dry-rb patterns'.
metadata:: {"ecosystem_sources":["hanami/hanami"],"tags":["code-review","quality","conventions","review"],"version":"1.0.0"}

review-code

Name: igmarin/hanakai-yaku
Rating: 92.2 (1 reviews)
Author: igmarin

Use this skill when reviewing Hanami 2.x code for quality and convention adherence.

Core principle: Code review catches architectural violations, not just bugs. Focus on structure, boundaries, and testability.

Quick Reference

Concern	Rule	Priority
Action responsibility	One Action = one endpoint. No business logic. ≤ ~10 lines of logic.	Blocker if logic leaks
Dependency injection	`include Deps[]` only. No `Hanami.app['key']` direct access.	Blocker
Query location	All DB queries in Repositories/Relations. No SQL in Actions or Views.	Blocker
Repository return types	Return Entities (`auto_struct true`, `struct_namespace`). No raw hashes.	High
View simplicity	`expose` blocks receive pre-fetched data only. No DB calls or business logic.	Blocker if DB in View
Error handling	Log and return generic messages. No `e.message`/`e.backtrace` in responses.	Blocker
Test coverage	Request specs per endpoint. Test 400, 404, 422, 500 paths. Behavior, not implementation.	High
Settings usage	No `ENV` access. Use Settings for configuration.	Suggestion

Review Workflow

Follow this sequence and report violations in priority order:

Check Action responsibility — Is the Action ≤ ~10 lines? Does it delegate business logic to services or repositories? Flag any SQL, filtering, or domain logic inline in the Action.
Verify DI usage — Are all dependencies declared via include Deps[...]? Flag any Hanami.app['key'] direct access.
Audit query locations — Do all DB queries live in Repositories or Relations? Flag SQL in Actions or Views immediately.
Inspect Repositories — Do they return Entities (not raw hashes)? Is auto_struct true / struct_namespace configured?
Review Views — Do expose blocks receive pre-fetched data only? Flag any DB calls or business logic.
Check error handling — Are exceptions logged and generic messages returned? Flag any e.message or e.backtrace in responses.
Assess test coverage — Are there request specs for each endpoint? Are 400, 404, 422, and 500 paths tested?

For each violation found, report: location, rule broken, concrete fix (with code where helpful), and priority (blocker if it exposes internals or bypasses DI; suggestion otherwise).

Core Rules with Examples

1. Actions — single-responsibility, delegate logic:

# GOOD
class Index < MyApp::Action
  include Deps["repos.user_repo"]
  def handle(request, response)
    response.render(view, users: user_repo.all)
  end
end

# BAD — business logic and direct ROM access in Action
users = Hanami.app["db.rom"].gateways[:default].dataset(:users).where(status: "active").to_a
active_users = users.select { |u| u.status == "active" }

2. Dependencies — always via Deps, never direct container:

# GOOD
include Deps["repos.user_repo"]

# BAD
repo = Hanami.app["repos.user_repo"]

3. Repositories — return Entities, not raw hashes:

# GOOD
class UserRepo < Hanami::DB::Repo[:users]
  struct_namespace MyApp::Entities
  auto_struct true
end

# BAD
def find(id) = users.where(id: id).one.to_h

4. Views — no DB queries or business logic in expose:

# GOOD
expose :user  # receives pre-fetched entity from Action

# BAD
expose :user do |request|
  Hanami.app["repos.user_repo"].by_id(request.params[:id]).one
end

5. Error handling — log details, return generic messages:

# GOOD
rescue StandardError => e
  Hanami.app[:logger].error(e.message)
  halt 500, { error: "Internal server error" }.to_json
end

# BAD — leaks internals
halt 500, { error: e.message, backtrace: e.backtrace }.to_json

6. Tests — cover behavior and all error paths:

# GOOD
it "returns 404 for unknown user" do
  get "/users/9999"
  expect(last_response.status).to eq(404)
end

# BAD — tests implementation, not behavior
expect(user_repo).to receive(:active)

Integration

Related Skill	When to chain
create-action	Review Action structure and responsibility.
inject-dependencies	Verify proper DI usage.
create-repository	Verify query encapsulation in Repositories.
create-view	Verify View simplicity and no DB access.
write-request-spec	Verify test coverage for all endpoints.
review-security	Cross-reference security concerns during code review.
review-process (from ruby-core-skills)	Severity levels, structured findings format, re-review criteria.

docs

evals

skills

actions

cli

context

cross-cutting

manage-settings

review-code

SKILL.md

dry-monads

dry-rb

providers

review-security

routing

slices

testing

views

README.md

tile.json

igmarin/hanakai-yaku

SKILL.md.css-3qkkll{font-size:var(--chakra-font-sizes-sm);font-weight:var(--chakra-font-weights-normal);color:var(--chakra-colors-gray-300);}skills/cross-cutting/review-code/

review-code

Quick Reference

Review Workflow

Core Rules with Examples

Integration

SKILL.mdskills/cross-cutting/review-code/