max/ai-sdlc-standards
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
d3a99d01fa1a66b7a2c96be431ec05f14f202d0a
ai-sdlc-standards/skill/SKILL.md

83 lines
2.7 KiB
Markdown
Raw Normal View History

AI SDLC Standards: cross-cutting requirements mono repo - Security: input validation, SQL injection, auth annotations, secrets, CVE checks - Architecture: API contract first, service boundaries, breaking change protocol - DevOps: health checks, structured logging, resource limits, rollback safety - Cost: resource tagging, auto-scaling limits, storage lifecycle - Deterministic compliance checker (.tests/check.sh) - Agent skill for context injection (Cursor, OpenSpec, Claude Code examples) - Demo with intentional violations
2026-03-07 07:31:16 +00:00
---
name: sdlc-standards
description: Inject cross-cutting non-functional requirements into AI agent context during software development. Use when starting work on a Jira story, designing a feature, implementing code, or preparing for deployment. Pulls security, architecture, DevOps, and cost requirements from the standards mono repo at the appropriate development phase.
---
# SDLC Standards Skill
Provides non-functional requirements to your AI agent based on the current development phase.
## Setup
Clone the standards repo into your workspace:
```bash
git clone <standards-repo-url> .standards
```
Or add as a git submodule:
```bash
git submodule add <standards-repo-url> .standards
```
## When to Load Requirements
| Phase | Load these | Why |
|-------|-----------|-----|
| Design / Exploration | `architecture/requirements.md` | API contracts, service boundaries, breaking change protocol |
| Implementation | `security/requirements.md` | Input validation, auth, secrets, SQL safety |
| Deployment config | `devops/requirements.md`, `cost/requirements.md` | Health checks, logging, resource limits, tagging |
## Usage
When starting a new story, tell your agent:
> Before implementing, read the requirements from `.standards/` that apply to this phase. For design work, read `.standards/architecture/requirements.md`. For implementation, read `.standards/security/requirements.md`. For deployment changes, read `.standards/devops/requirements.md` and `.standards/cost/requirements.md`.
Or configure your agent rules to auto-load:
### Cursor (.cursor/rules)
```
When working on this project, check .standards/ for non-functional requirements.
Load architecture requirements during design. Load security requirements during implementation.
Load devops and cost requirements when modifying deployment configs.
```
### OpenSpec (openspec.config.yaml)
```yaml
context:
- path: .standards/architecture/requirements.md
phase: propose
- path: .standards/security/requirements.md
phase: apply
- path: .standards/devops/requirements.md
phase: apply
```
### Claude Code (CLAUDE.md)
```markdown
## Standards
Before implementing, read applicable requirements from `.standards/`:
- Design: `.standards/architecture/requirements.md`
- Code: `.standards/security/requirements.md`
- Deploy: `.standards/devops/requirements.md` and `.standards/cost/requirements.md`
```
## CI Integration
Run the compliance checker in your pipeline:
```bash
bash .standards/.tests/check.sh . --diff main
```
Returns exit code 0 (pass/warn) or 1 (violations). Start with `|| true` to make it informational, remove when ready to enforce.
```groovy
// Jenkinsfile example
stage('Standards Check') {
steps {
sh 'bash .standards/.tests/check.sh . --diff main || true'
}
}
```
Reference in New Issue Copy Permalink