igmarin/rails-agent-skills
Curated library of 39 AI agent skills for Ruby on Rails development. Organized by category: planning, testing, code-quality, ddd, engines, infrastructure, api, patterns, context, orchestration, and workflows. Includes 5 callable workflow skills (rails-tdd-loop, rails-review-flow, rails-setup-flow, rails-quality-flow, rails-engines-flow) for complete development cycles. Covers code review, architecture, security, testing (RSpec), engines, service objects, DDD patterns, and TDD automation.
95
98%
Does it follow best practices?
Impact
95%
1.20xAverage score across 35 eval scenarios
Passed
No known issues
workflow.mdskills/code-quality/rails-authorization-policies/references/
Authorization Implementation Workflow
Step-by-step guide for implementing authorization in Rails applications.
Step 1: Add Gem
Add to Gemfile:
# For Pundit
gem 'pundit'
# For CanCanCan
gem 'cancancan'Run:
bundle installStep 2: Generate Policy/Ability
Pundit:
rails g pundit:install
rails g pundit:policy PostCanCanCan:
rails g cancan:abilityStep 3: Define Permissions
Define authorization logic in the generated file. See EXAMPLES.md for complete code samples.
Step 4: Authorize in Controller
Add authorization calls to controller actions:
def update
@post = Post.find(params[:id])
authorize @post # Pundit
# or
authorize! :update, @post # CanCanCan
# ...
endStep 5: Write Tests
Create policy specs and request specs covering all roles. See EXAMPLES.md for testing patterns.
Step 6: Validate Coverage
Run all policy specs before deploying:
bundle exec rspec spec/policiesEnsure every role and edge case is explicitly covered.
docs
evals
scenario-1
scenario-2
scenario-3
scenario-4
scenario-5
scenario-6
scenario-7
scenario-8
scenario-9
scenario-10
scenario-11
scenario-12
scenario-13
scenario-14
scenario-15
scenario-16
scenario-17
scenario-18
scenario-19
scenario-20
scenario-21
scenario-22
scenario-23
scenario-24
scenario-25
scenario-26
scenario-27
scenario-28
scenario-29
scenario-30
scenario-31
scenario-32
scenario-33
scenario-34
scenario-35
mcp_server
skills
api
api-rest-collection
rails-graphql-best-practices
code-quality
rails-architecture-review
rails-code-conventions
rails-code-review
rails-review-response
rails-security-review
rails-stack-conventions
assets
snippets
refactor-safely
context
rails-context-engineering
rails-project-onboarding
ddd
ddd-boundaries-review
ddd-rails-modeling
ddd-ubiquitous-language
engines
rails-engine-compatibility
rails-engine-docs
rails-engine-extraction
rails-engine-installers
rails-engine-release
rails-engine-reviewer
rails-engine-testing
infrastructure
rails-api-versioning
rails-background-jobs
rails-database-seeding
rails-frontend-hotwire
rails-migration-safety
rails-performance-optimization
orchestration
rails-skills-orchestrator
patterns
ruby-service-objects
strategy-factory-null-calculator
yard-documentation
planning
create-prd
generate-tasks
ticket-planning
testing
rails-bug-triage
rails-tdd-slices
rspec-best-practices
rspec-service-testing