0xplaygrounds/.claude/skills/rig-review
.claude/skills/rig-review/SKILL.md
<!-- This file is generated by scripts/sync_agent_instruction_files.sh. --> <!-- Do not edit this file directly; update AGENTS.md and re-run the sync script. --> --- name: rig-review description: > Review Rig changes against mandatory quality gates before opening a PR. Use before submitting code to verify error handling, WASM compatibility, coding style, and required checks pass. allowed-tools: - Read - Glob - Grep - Bash --- # Rig Pre-PR Review Perform a Rig-focused pre-PR revie
$ install --global
skillsauthnpx skillsauth add 0xplaygrounds/rig .claude/skills/rig-reviewInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Error
VirusTotalMulti-engine malware detection
70%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Mar 24, 2026, 2:22 PM45.5s1 file scanned
SKILL.md
<!-- This file is generated by scripts/sync_agent_instruction_files.sh. -->
<!-- Do not edit this file directly; update AGENTS.md and re-run the sync script. -->
name: rig-review description: > Review Rig changes against mandatory quality gates before opening a PR. Use before submitting code to verify error handling, WASM compatibility, coding style, and required checks pass. allowed-tools:
- Read
- Glob
- Grep
- Bash
Rig Pre-PR Review
Perform a Rig-focused pre-PR review.
Required output format:
- List blocking issues first with file and line references.
- List medium/low-risk issues second.
- Confirm required checks and test evidence.
- Explicitly state whether public API changed.
- If no issues are found, say so and note residual risk.
rig-prompt-hooks
Prompt hooks allow observing and controlling the agent's execution lifecycle.
The PromptHook Trait
PromptHook<M> provides callbacks for both streaming and non-streaming requests. All methods have default implementations — implement only what you need.
Hook Callbacks
on_completion_call- Before sending prompt to model (returnsHookAction)on_completion_response- After receiving response (returnsHookAction)on_tool_call- Before invoking a tool (returnsToolCallHookAction)on_tool_result- After tool returns result (returnsHookAction)on_text_delta- During streaming, on each text chunk (returnsHookAction)on_tool_call_delta- During streaming, on each tool call chunk (returnsHookAction)
Control Flow
ToolCallHookAction::Continue(or.cont()) - Allow tool executionToolCallHookAction::Skip { reason }(or.skip("reason")) - Reject tool; reason becomes tool resultToolCallHookAction::Terminate { reason }(or.terminate("reason")) - Terminate the agentic loop earlyHookAction::Continue(or.cont()) - Continue normal executionHookAction::Terminate { reason }(or.terminate("reason")) - Terminate the agentic loop early
Design Rationale
- Default implementations - All methods have defaults; implement only what you need
- Per-request hooks - Attached via
.with_hook(), not globally - WASM compatible - Uses
WasmCompatSend/WasmCompatSyncbounds
rig-quality-gates
Trait Bounds
Use full where clause syntax for readability:
// Correct
impl<T> CompletionModel for MyModel<T>
where
T: HttpClientExt + Clone + WasmCompatSend + Debug + Default + 'static,
{
// ...
}
// Avoid inline bounds for complex signatures
impl<T: HttpClientExt + Clone + WasmCompatSend + Debug + Default + 'static> CompletionModel for MyModel<T> {
// ...
}
Error Handling
DO NOT use String as an error type. Define proper error enums:
// Correct
#[derive(Debug, thiserror::Error)]
pub enum MyError {
#[error("Failed to parse response: {0}")]
ParseError(#[from] serde_json::Error),
#[error("Provider returned error: {0}")]
ProviderError(String),
}
// Absolutely forbidden
fn do_thing() -> Result<(), String> // NO
DO NOT stub out error handling:
// Forbidden
let result = fallible_operation().unwrap(); // NO
let result = fallible_operation().expect("this should work"); // NO unless truly impossible
// Correct
let result = fallible_operation()?;
let result = fallible_operation().map_err(MyError::from)?;
Comments
Comments explain WHY, not WHAT.
If you need to explain what code is doing, the code itself is unclear. Rename variables, extract functions, or restructure.
// Bad - explains what
// Increment counter by one
counter += 1;
// Bad - explains what
// Check if user is admin
if user.role == Role::Admin {
// Good - explains why
// Rate limiting resets at midnight UTC, so we need the day boundary
let boundary = timestamp.truncate_to_day();
// Good - explains non-obvious business logic
// Providers may return tool calls split across multiple chunks,
// so we accumulate them by index until the stream ends
Documentation
- Add doc comments (
///) to all public items - Add module-level documentation (
//!) to modules - Include usage examples in doc comments where helpful
TODO Items
TODO items are not allowed in submitted code.
If you need a TODO, the implementation is incomplete. Either:
- Complete the implementation
- Don't submit it yet
- Create a separate issue tracking the future work
// Forbidden
fn process() {
// TODO: handle edge case
}
// Forbidden
fn process() {
unimplemented!("will add later")
}
Before Submitting
Required Checks
Run these commands and fix all issues before submitting:
cargo fmt
cargo clippy --all-targets --all-features
cargo test
If you cannot run these commands (e.g., environment limitations), explicitly ask the user to run them before the PR is submitted.
Architectural Changes
If your change involves:
- New traits or significant trait modifications
- Changes to the client/provider architecture
- New abstractions or patterns
- Breaking changes to public APIs
Discuss with the user first. Do not implement major architectural changes without explicit approval. Open an issue for discussion if needed.
Self-Review Checklist
Before considering code complete:
- [ ] All error cases handled properly (no
.unwrap()or.expect()on fallible operations unless truly impossible) - [ ] No
Stringerror types - [ ] No TODO comments
- [ ] No stubbed implementations
- [ ] Comments explain "why", not "what"
- [ ] Uses
WasmCompatSend/WasmCompatSyncinstead ofSend/Sync - [ ] Follows existing code patterns in the codebase
- [ ] Includes tests or examples that compile
- [ ]
cargo fmtpasses - [ ]
cargo clippy --all-targets --all-featurespasses - [ ]
cargo testpasses
Commits
DO NOT MAKE COMMITS UNLESS THE USER HAS ASKED YOU TO DO SO. Users should be able to manually verify that what you have done has worked before proceeding with a commit, and may also want to write their own commit messages.
If the PR contains breaking changes, the PR message must list the public API items that have broken and the migration path for each.
What Will Be Rejected
PRs will be rejected if they contain:
- Lazy workarounds -
Stringerror types,.unwrap()everywhere, incomplete handling - TODO items - Submit complete work or don't submit
- Stubbed error handling - Every error path must be properly handled
- Provider API divergence - Don't add fields/features that don't exist in real provider APIs
- Missing WASM compatibility - Using
Send/Syncinstead ofWasmCompat*variants - Unclear code requiring explanatory comments - Refactor instead
- Architectural changes without discussion - Major changes need approval first
Remember: The quality bar exists because Rig is used in production by many projects. Every contribution must maintain that standard.
Related Skills
0xplaygrounds/rig
tools
VerifiedTrustedCommunity
Build LLM-powered applications with Rig, the Rust AI framework. Use when creating agents, RAG pipelines, tool-calling workflows, structured extraction, or streaming completions. Covers all providers with a unified API.
6,646SKILL.mdUpdated Mar 24, 2026
0xplaygrounds/.claude/skills/rig-wasm-check
tools
VerifiedTrustedCommunity
<!-- This file is generated by scripts/sync_agent_instruction_files.sh. --> <!-- Do not edit this file directly; update AGENTS.md and re-run the sync script. --> --- name: rig-wasm-check description: > Audit Rig code for WebAssembly compatibility. Use when verifying that trait bounds use WasmCompatSend/WasmCompatSync, futures use WasmBoxedFuture, and error types have proper conditional compilation. allowed-tools: - Read - Glob - Grep --- # Rig WASM Compatibility Check Audit code fo
6,646SKILL.mdUpdated Mar 24, 2026
0xplaygrounds/.claude/skills/rig-vector-store
tools
VerifiedTrustedCommunity
<!-- This file is generated by scripts/sync_agent_instruction_files.sh. --> <!-- Do not edit this file directly; update AGENTS.md and re-run the sync script. --> --- name: rig-vector-store description: > Implement a Rig vector store companion crate. Use when adding a new vector database backend (MongoDB, LanceDB, Qdrant, etc.) or reviewing an existing vector store integration. argument-hint: "[store-backend]" allowed-tools: - Read - Glob - Grep - Edit - Write - Bash --- # Rig
6,646SKILL.mdUpdated Mar 24, 2026
0xplaygrounds/.claude/skills/rig-provider
tools
VerifiedTrustedCommunity
<!-- This file is generated by scripts/sync_agent_instruction_files.sh. --> <!-- Do not edit this file directly; update AGENTS.md and re-run the sync script. --> --- name: rig-provider description: > Implement or audit a Rig model provider. Use when adding support for a new LLM API or reviewing an existing provider against the canonical checklist. Follows the OpenAI reference implementation pattern. argument-hint: "[provider-name]" allowed-tools: - Read - Glob - Grep - Edit - Wri
6,646SKILL.mdUpdated Mar 24, 2026