{
  "instruction": "Use environment-based configuration, flask.g for per-request state, and proper request lifecycle hooks",
  "relevant_when": "Agent configures a Flask application or manages per-request state",
  "context": "Flask configuration must come from environment variables with sensible defaults -- never hardcoded secrets. Use app.config.from_object() or app.config.from_mapping(). Per-request state goes on flask.g, not module-level globals. after_request hooks MUST return the response object. teardown_appcontext is for cleanup (closing DB connections). Logging is configured inside create_app() using app.logger.",
  "sources": [
    {
      "type": "file",
      "filename": "skills/flask-best-practices/SKILL.md",
      "tile": "tessl-labs/flask-best-practices@0.2.0"
    }
  ],
  "checklist": [
    {
      "name": "config-from-environment",
      "rule": "Configuration values come from environment variables (os.getenv or config classes) with sensible defaults -- no hardcoded secrets or database URLs",
      "relevant_when": "Agent configures a Flask application"
    },
    {
      "name": "g-for-request-state",
      "rule": "Per-request state is stored on flask.g -- not in module-level global variables",
      "relevant_when": "Agent stores per-request data (request IDs, DB connections, user context)"
    },
    {
      "name": "after-request-returns-response",
      "rule": "after_request hooks return the response object -- omitting the return statement silently breaks the response",
      "relevant_when": "Agent defines after_request hooks"
    },
    {
      "name": "teardown-for-cleanup",
      "rule": "teardown_appcontext is used to clean up resources like database connections (not after_request, which doesn't run on errors)",
      "relevant_when": "Agent manages database connections or other resources that need cleanup"
    }
  ]
}