General-purpose coding policy for Baruch's AI agents
91
97%
Does it follow best practices?
Impact
91%
1.78xAverage score across 18 eval scenarios
Advisory
Suggest reviewing before use
[skip ci] to commit messagesCHANGES_REQUESTED that the same bot later superseded with an all-clear re-reviewAPPROVE (github-actions[bot] — GitHub returns HTTP 422) re-reviews clean but cannot post the APPROVED verdict that would supersede its earlier CHANGES_REQUESTED — the stale request keeps the merge BLOCKED until dismissedCHANGES_REQUESTED from a gating bot on the allowlist (GATING_BOTS in skills/release/dismiss-stale-reviews.sh), never a human reviewer — a human can APPROVE, so a human's supersession goes through re-request-and-approve, never dismissaldismiss-stale-reviews.sh header), not restated here; a DISMISSED or PENDING latest state is not an all-clearskills/release/dismiss-stale-reviews.sh — it enforces both preconditions and is the recommended path; decision predicate and allowlisted bot logins live in the script header, not restated here (rules/script-as-black-box.md)Never Skip Tests violation; the gate was satisfied and cleaned up, not skippedCHANGES_REQUESTED no all-clear superseded, or any human reviewer's change request, blocks the merge until resolved through review[skip ci] on a commit the publish workflow pushes to the protected branch[skip ci] rides only on the commit pushed back to the protected branch, solely to stop self-retrigger[skip ci], never to skip failing tests or unblock a mergeInteractionMismatchError) and shows zero test assertions executed<type>/<description> (e.g., feat/add-auth, fix/null-pointer, chore/update-deps)<type>-<issue-number> is an accepted alternative where the repo's existing branches already use it (e.g., fix-111)gh run watch or equivalent to monitor the run in real timeconclusion, a review verdict posted, a moderation pass — never to an agent-chosen elapsed time*_INTERVAL_SEC / *_BUDGET_SEC env vars in the release watch scripts), never numbers an agent picks per runtimeout — no blanket minute count exists in this policy to cite; a watcher gives up only at its own documented budgetnone), zero inline comments included — never wait for comments to appearskills/release/watch-pr-reviews.sh (see skills/release/SKILL.md Step 5); it owns the interval and budget and watches exactly the gate fields aboveLatest Version as baselineheadSha + push event filterconclusion is successLatest Version advanced past the baselineskills/release/SKILL.md Step 7 for the agent-executable form of the release contracttessl install after publish — a freshly published version can be install-blocked until its moderation state reaches passskills/release/verify-moderation-cleared.sh); a still-pending or blocked state at budget exhaustion is an unconfirmed release, surfaced as a failure, never reported as successtessl installtesslio/patch-version-publish) and the run got past it. Safer recovery: a follow-up commit fires a fresh publish on mergequeued and no github-actions run is created, check the PR's merge state before assuming an Actions outagegh pr view <N> --json mergeable,mergeStateStatus — CONFLICTING / DIRTY is the causequeued while no github-actions suite is createdgh api repos/<owner>/<repo>/commits/<sha>/check-suites -q '.check_suites[] | "\(.app.slug) \(.status) \(.conclusion)"'github-actions suite runs and mergeStateStatus flips to UNSTABLE / CLEANmain or master (except under the Content-Only Direct-Push Carve-Out below)main or master without a PR review cycle**/*.md. Globs that would match rules/**, skills/**, workflow files (*.yml or *.yaml), .tessl-plugin/plugin.json, package.json, or any executable/loaded artifact (regardless of extension) are mis-scopedrules/script-delegation.md), not agent judgment.tessl-plugin
evals
scenario-1
scenario-2
scenario-3
scenario-4
scenario-5
scenario-6
scenario-7
scenario-8
scenario-9
scenario-10
scenario-11
scenario-12
scenario-13
scenario-14
scenario-15
scenario-16
scenario-17
scenario-18
rules
skills
adopt-fork-pr
eval-curation
install-reviewer
migrate-to-plugin