igmarin/ruby-core-skills
Curated library of 16 public Ruby AI agent skills: 10 atomic skills (YARD docs, service objects, calculator pattern, API clients, DDD, bug triage, code review, skill routing), 5 process-discipline skills (TDD, refactoring, review, security, test planning), and 1 planning skill (TDD task generation). Zero agents — this is a foundational library consumed by framework-specific tiles like rails-agent-skills and hanakai-yaku.
95
96%
Does it follow best practices?
Impact
95%
1.05xAverage score across 16 eval scenarios
Passed
No known issues
task.mdevals/scenario-5/
Security Review Process Task
Problem
A Ruby team needs help with a task in this area:
Standardizes security review procedures for Ruby code mapped to OWASP Top 10: allowlist all input params before processing, forbid SQL interpolation (#{}), verify no secrets committed or logged, run bundle exec bundle-audit check --update, check for shell injection (system(), backticks, exec()), and discard instruction-like keys (prompt, instructions) in JSON payloads.
The team has asked for a concise implementation artifact that a reviewer can inspect without needing to observe the agent's process.
Output
Create answer.md with:
- a short plan for the work
- the concrete Ruby-oriented artifact or recommendation
- the verification steps or quality gates that should be run
- any assumptions that affect the result
docs
evals
scenario-1
scenario-2
scenario-3
scenario-4
scenario-5
scenario-6
scenario-7
scenario-8
scenario-9
scenario-10
scenario-11
scenario-12
scenario-13
scenario-14
scenario-15
scenario-16
skills
code-quality
respond-to-review
ddd
define-domain-language
model-domain
review-domain-boundaries
docs
write-yard-docs
orchestration
skill-router
patterns
create-service-object
implement-calculator-pattern
planning
generate-tdd-tasks
process
testing
triage-bug