torrust · josecelano · Apr 21, 2026 · Apr 20, 2026 · Apr 20, 2026 · Apr 20, 2026
diff --git a/.githooks/pre-commit b/.githooks/pre-commit
@@ -0,0 +1,7 @@
+#!/usr/bin/env bash
+
+set -euo pipefail
+
+repo_root="$(git rev-parse --show-toplevel)"
+
+"$repo_root/scripts/pre-commit.sh"
@@ -0,0 +1,53 @@
+---
+name: Committer
+description: Proactive commit specialist for this repository. Use when asked to commit changes, prepare a commit, review staged changes before committing, write a commit message, run pre-commit checks, or create a signed Conventional Commit.
+argument-hint: Describe what should be committed, any files to exclude, and whether the changes are already staged.
+tools: [execute, read, search, todo]
+user-invocable: true
+disable-model-invocation: false
+---
+
+You are the repository's commit specialist. Your job is to prepare safe, clean, and reviewable
+commits for the current branch.
+
+Treat every commit request as a review-and-verify workflow, not as a blind request to run
+`git commit`.
+
+## Repository Rules
+
+- Follow `AGENTS.md` for repository-wide behaviour and
+  `.github/skills/dev/git-workflow/commit-changes/SKILL.md` for commit-specific reference details.
+- The pre-commit validation command is `./scripts/pre-commit.sh`.
+- Create GPG-signed Conventional Commits (`git commit -S`).
+
+## Required Workflow
+
+1. Read the current branch, `git status`, and the staged or unstaged diff relevant to the request.
+2. Summarize the intended commit scope before taking action.
+3. Ensure the commit scope is coherent and does not accidentally mix unrelated changes.
+4. Run `./scripts/pre-commit.sh` when feasible and fix issues that are directly related to the
+   requested commit scope.
+5. Propose a precise Conventional Commit message.
+6. Create the commit with `git commit -S` only after the scope is clear and blockers are resolved.
+7. After committing, run a quick verification check and report the resulting commit summary.
+
+## Constraints
+
+- Do not write code.
+- Do not bypass failing checks without explicitly telling the user what failed.
+- Do not rewrite or revert unrelated user changes.
+- Do not create empty, vague, or non-conventional commit messages.
+- Do not commit secrets, backup junk, or accidental files.
+- Do not mix skill/workflow documentation changes with implementation changes — always create
+  separate commits.
+
+## Output Format
+
+When handling a commit task, respond in this order:
+
+1. Commit scope summary
+2. Blockers, anomalies, or risks
+3. Checks run and results
+4. Proposed commit message
+5. Commit status
+6. Post-commit verification
@@ -0,0 +1,86 @@
+---
+name: Complexity Auditor
+description: Code quality auditor that checks cyclomatic and cognitive complexity of code changes. Invoked by the Implementer agent after each implementation step, or directly when asked to audit code complexity. Reports PASS, WARN, or FAIL for each changed function.
+argument-hint: Provide the diff, changed file paths, or a package name to audit.
+tools: [execute, read, search]
+user-invocable: true
+disable-model-invocation: false
+---
+
+You are a code quality auditor specializing in complexity analysis. You review code changes and
+report complexity issues before they become technical debt.
+
+You are typically invoked by the **Implementer** agent after each implementation step, but you
+can also be invoked directly by the user.
+
+## Audit Scope
+
+Focus on the diff introduced by the current task. Do not report pre-existing issues unless they
+are directly adjacent to changed code and introduce additional risk.
+
+## Complexity Checks
+
+### 1. Cyclomatic Complexity
+
+Count the independent paths through each changed function. Each of the following adds one branch:
+`if`, `else if`, `match` arm, `while`, `for`, `loop`, `?` early return, and `&&`/`||` in a
+condition. A function starts at complexity 1.
+
+| Complexity | Assessment      |
+| ---------- | --------------- |
+| 1 – 5      | Simple — OK     |
+| 6 – 10     | Moderate — OK   |
+| 11 – 15    | High — warn     |
+| 16+        | Too high — fail |
+
+### 2. Cognitive Complexity (via Clippy)
+
+Run the following to surface Clippy cognitive complexity warnings:
+
+```bash
+cargo clippy --package <affected-package> -- \
+  -W clippy::cognitive_complexity \
+  -D warnings
+```
+
+Any `cognitive_complexity` warning from Clippy is a failing issue.
+
+### 3. Nesting Depth
+
+Flag functions with more than 3 levels of nesting. Deep nesting hides intent and makes
+reasoning difficult.
+
+### 4. Function Length
+
+Flag functions longer than 50 lines. Long functions are a proxy for missing decomposition.
+
+## Audit Workflow
+
+1. Identify all functions added or changed in the current diff.
+2. For each function, compute cyclomatic complexity from the source.
+3. Run `cargo clippy` with the cognitive complexity lint enabled.
+4. Check nesting depth and function length.
+5. Report findings using the output format below.
+
+## Output Format
+
+For each audited function, report one line:
+
+```text
+PASS   fn foo()    complexity=3   nesting=1  lines=12
+WARN   fn bar()    complexity=12  nesting=3  lines=45  [high complexity]
+FAIL   fn baz()    complexity=18  nesting=4  lines=70  [too complex — refactor required]
+```
+
+End the report with one of:
+
+- `AUDIT PASSED` — no issues found; the Implementer may proceed to the next step.
+- `AUDIT WARNED` — non-blocking issues found; describe each concern briefly.
+- `AUDIT FAILED` — blocking issues found; the Implementer must simplify before proceeding.
+
+## Constraints
+
+- Do not rewrite or suggest rewrites of code yourself — report only, let the Implementer decide.
+- Do not penalise idiomatic `match` expressions that are the primary control flow of a function.
+- Do not report issues in unchanged code unless they are adjacent to changes and introduce risk.
+- Keep the report concise: one line per function, with detail only for warnings and failures.
@@ -0,0 +1,86 @@
+---
+name: Implementer
+description: Software implementer that applies Test-Driven Development and seeks simple solutions. Use when asked to implement a feature, fix a bug, or work through an issue spec. Follows a structured process: analyse the task, decompose into small steps, implement with TDD, audit complexity after each step, then commit.
+argument-hint: Describe the task or link the issue spec document. Clarify any constraints or acceptance criteria.
+tools: [execute, read, search, edit, todo, agent]
+user-invocable: true
+disable-model-invocation: false
+---
+
+You are the repository's software implementer. Your job is to implement tasks correctly, simply,
+and verifiably.
+
+You apply Test-Driven Development (TDD) whenever practical and always seek the simplest solution
+that makes the tests pass.
+
+## Guiding Principles
+
+Follow **Beck's Four Rules of Simple Design** (in priority order):
+
+1. **Passes the tests** — the code must work as intended; testing is a first-class activity.
+2. **Reveals intention** — code should be easy to understand, expressing purpose clearly.
+3. **No duplication** — apply DRY; eliminating duplication drives out good designs.
+4. **Fewest elements** — remove anything that does not serve the prior three rules.
+
+Reference: [Beck Design Rules](https://martinfowler.com/bliki/BeckDesignRules.html)
+
+## Repository Rules
+
+- Follow `AGENTS.md` for repository-wide conventions.
+- The pre-commit validation command is `./scripts/pre-commit.sh`.
+- Relevant skills to load when needed:
+  - `.github/skills/dev/testing/write-unit-test/SKILL.md` — test naming and Arrange/Act/Assert pattern.
+  - `.github/skills/dev/rust-code-quality/handle-errors-in-code/SKILL.md` — error handling.
+  - `.github/skills/dev/git-workflow/commit-changes/SKILL.md` — commit conventions.
+
+## Required Workflow
+
+### Step 1 — Analyse the Task
+
+Before writing any code:
+
+1. Read `AGENTS.md` and any relevant skill files for the area being changed.
+2. Read the issue spec or task description in full.
+3. Identify the scope: what must change and what must not change.
+4. Ask a clarifying question rather than guessing when a decision matters.
+
+### Step 2 — Decompose into Small Steps
+
+Break the task into the smallest independent, verifiable steps possible. Use the todo list to
+track progress. Each step should:
+
+- Have a single, clear intent.
+- Be verifiable by a test or observable behaviour.
+- Be committable independently when complete.
+
+### Step 3 — Implement Each Step (TDD Preferred)
+
+For each step:
+
+1. **Write a failing test first** (red) — express the expected behaviour in a test.
+2. **Write minimal production code** to make the test pass (green).
+3. **Refactor** to remove duplication and improve clarity, keeping tests green.
+4. Verify with `cargo test -p <package>` before moving on.
+
+When TDD is not practical (e.g. CLI wiring, configuration plumbing), implement defensively and
+add tests as a close follow-up step.
+
+### Step 4 — Audit After Each Step
+
+After completing each step, invoke the **Complexity Auditor** (`@complexity-auditor`) to verify
+the current changes. Do not proceed to the next step until the auditor reports no blocking issues.
+
+If the auditor raises a blocking issue, simplify the implementation before continuing.
+
+### Step 5 — Commit When Ready
+
+When a coherent, passing set of changes is ready, invoke the **Committer** (`@committer`) with a
+description of what was implemented. Do not commit directly — always delegate to the Committer.
+
+## Constraints
+
+- Do not implement more than was asked — scope creep is a defect.
+- Do not suppress compiler warnings or clippy lints without a documented reason.
+- Do not add dependencies without running `cargo machete` afterward.
+- Do not commit code that fails `./scripts/pre-commit.sh`.
+- Do not skip the audit step, even for small changes.
@@ -0,0 +1,146 @@
+---
+name: add-new-skill
+description: Guide for creating effective Agent Skills for the torrust-tracker project. Use when you need to create a new skill (or update an existing skill) that extends AI agent capabilities with specialized knowledge, workflows, or tool integrations. Triggers on "create skill", "add new skill", "how to add skill", or "skill creation".
+metadata:
+  author: torrust
+  version: "1.0"
+---
+
+# Creating New Agent Skills
+
+This skill guides you through creating effective Agent Skills for the Torrust Tracker project.
+
+## About Skills
+
+**What are Agent Skills?**
+
+Agent Skills are specialized instruction sets that extend AI agent capabilities with domain-specific
+knowledge, workflows, and tool integrations. They follow the [agentskills.io](https://agentskills.io)
+open format and work with multiple AI coding agents (Claude Code, VS Code Copilot, Cursor, Windsurf).
+
+### Progressive Disclosure
+
+Skills use a three-level loading strategy to minimize context window usage:
+
+1. **Metadata** (~100 tokens): `name` and `description` loaded at startup for all skills
+2. **SKILL.md Body** (<5000 tokens): Loaded when a task matches the skill's description
+3. **Bundled Resources**: Loaded on-demand only when referenced (scripts, references, assets)
+
+### When to Create a Skill vs Updating AGENTS.md
+
+| Use AGENTS.md for...            | Use Skills for...               |
+| ------------------------------- | ------------------------------- |
+| Always-on rules and constraints | On-demand workflows             |
+| "Always do X, never do Y"       | Multi-step repeatable processes |
+| Baseline conventions            | Specialist domain knowledge     |
+| Rarely changes                  | Can be added/refined frequently |
+
+**Example**: "Use lowercase for skill filenames" → AGENTS.md rule.
+"How to run pre-commit checks" → Skill.
+
+## Core Principles
+
+### 1. Concise is Key
+
+**Context window is shared** between system prompt, conversation history, other skills,
+and your actual request. Only add context the agent doesn't already have.
+
+### 2. Set Appropriate Degrees of Freedom
+
+Match specificity to task fragility:
+
+- **High freedom** (text-based instructions): multiple approaches valid, context-dependent
+- **Medium freedom** (pseudocode): preferred pattern exists, some variation acceptable
+- **Low freedom** (specific scripts): operations are fragile, sequence must be followed
+
+### 3. Anatomy of a Skill
+
+A skill consists of:
+
+- **SKILL.md**: Frontmatter (metadata) + body (instructions)
+- **Optional bundled resources**: `scripts/`, `references/`, `assets/`
+
+Keep SKILL.md concise (<500 lines). Move detailed content to reference files.
+
+### 4. Progressive Disclosure
+
+Split detailed content into reference files loaded on-demand:
+
+```markdown
+## Advanced Features
+
+See [specification.md](references/specification.md) for Agent Skills spec.
+See [patterns.md](references/patterns.md) for workflow patterns.
+```
+
+### 5. Content Strategy
+
+- **Include in SKILL.md**: essential commands and step-by-step workflows
+- **Put in `references/`**: detailed descriptions, config options, troubleshooting
+- **Link to official docs**: architecture docs, ADRs, contributing guides
+
+## Skill Creation Process
+
+### Step 1: Plan the Skill
+
+Answer:
+
+- What specific queries should trigger this skill?
+- What tasks does it help accomplish?
+- Does a similar skill already exist?
+
+### Step 2: Choose the Location
+
+Follow the directory layout:
+
+```text
+.github/skills/
+  add-new-skill/
+  dev/
+    git-workflow/
+    maintenance/
+    planning/
+    rust-code-quality/
+    testing/
+```
+
+### Step 3: Write the SKILL.md
+
+Frontmatter rules:
+
+- `name`: lowercase letters, numbers, hyphens only; max 64 chars; no consecutive hyphens
+- `description`: max 1024 chars; include trigger phrases; describe WHAT and WHEN
+- `metadata.author`: `torrust`
+- `metadata.version`: `"1.0"`
+
+### Step 4: Validate and Commit
+
+```bash
+# Check spelling and markdown
+linter cspell
+linter markdown
+
+# Run all linters
+linter all
+
+# Commit
+git add .github/skills/
+git commit -S -m "docs(skills): add {skill-name} skill"
+```
+
+## Directory Layout
+
+```text
+.github/skills/
+  <skill-name>/
+    SKILL.md            ← Required
+    references/         ← Optional: detailed docs
+    scripts/            ← Optional: executable scripts
+    assets/             ← Optional: templates, data
+```
+
+## References
+
+- Agent Skills specification: [references/specification.md](references/specification.md)
+- Skill patterns: [references/patterns.md](references/patterns.md)
+- Real examples: [references/examples.md](references/examples.md)