jamie-bitflight/perl-validate
plugins/perl-development/skills/perl-validate/SKILL.md
This skill should be used when the user asks to "validate Perl script", "check Perl syntax", "verify Perl code", "/perl-validate", or mentions script validation, compile check, security review, or best practice compliance for Perl code.
$ install --global
skillsauthnpx skillsauth add jamie-bitflight/claude_skills perl-validateInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 20, 2026, 7:04 AM23.0s2 files scanned
SKILL.md
- name:
- perl-validate
- description:
- This skill should be used when the user asks to "validate Perl script", "check Perl syntax", "verify Perl code", "/perl-validate", or mentions script validation, compile check, security review, or best practice compliance for Perl code.
- allowed-tools:
- Bash(perl -c:*), Bash(perl -wc:*), Bash(perlcritic:*), Read, Grep, Glob
Perl Script Validation
Comprehensive validation of Perl scripts for syntax, security, and best practices.
Validation Checklist
- Syntax check (
perl -c) - Essential pragmas verification
- Security pattern review
- Best practice compliance
- Documentation check
Syntax Validation
Basic Compile Check
# Check syntax
perl -c script.pl
# With warnings
perl -wc script.pl
# Check module
perl -c -I lib lib/MyApp/Module.pm
Expected Output
Success:
script.pl syntax OK
Failure:
syntax error at script.pl line 15, near "my $"
script.pl had compilation errors.
Essential Pragmas Check
Every production script MUST have:
#!/usr/bin/env perl
use strict;
use warnings;
use autodie; # For scripts with file operations
Validation Pattern
# Check for strict
grep -l 'use strict' script.pl || echo "MISSING: use strict"
# Check for warnings
grep -l 'use warnings' script.pl || echo "MISSING: use warnings"
# Check shebang
head -1 script.pl | grep -q '^#!' || echo "MISSING: shebang line"
Security Validation
Critical Checks
| Issue | Pattern to Find | Fix |
| ------------------------ | --------------------- | ----------------------- |
| Two-arg open | open\s+\w+,\s*[^<>] | Use 3-arg open |
| Backticks with variables | `.*\$` | Use IPC::System::Simple |
| eval with string | eval\s+" | Use eval block |
| No taint mode | #!/.*perl\s*$ | Add -T flag |
Security Check Commands
# Find two-argument open
grep -n 'open\s\+[A-Z]\+\s*,' script.pl
# Find unsafe backticks
grep -n '`.*\$' script.pl
# Find string eval
grep -n 'eval\s*"' script.pl
# Check for system with string
grep -n 'system\s*"' script.pl
Best Practices Validation
Variable Declarations
# Find undeclared variables (after perl -c passes)
# These would be caught by strict, but double-check:
grep -n '\$[a-z_][a-z0-9_]*\s*=' script.pl | head -20
Function Definitions
Check for proper function structure:
# Good pattern
sub function_name {
my ($arg1, $arg2) = @_;
# ...
}
# Check for named parameters
grep -n 'sub.*{' script.pl
Error Handling
# Find eval blocks without error check
grep -n 'eval\s*{' script.pl
# These should be followed by or do { } patterns
Documentation Validation
POD Check
# Validate POD syntax
podchecker script.pl
# Check for POD presence
perl -MPod::Usage -e 'pod2usage(-input => shift)' script.pl >/dev/null 2>&1 || echo "No POD documentation"
Required POD Sections
# Check for NAME section
grep -l '^=head1 NAME' script.pl || echo "MISSING: =head1 NAME"
# Check for SYNOPSIS
grep -l '^=head1 SYNOPSIS' script.pl || echo "MISSING: =head1 SYNOPSIS"
Comprehensive Validation Script
Run complete validation:
Code examples
Quick Validation Commands
Syntax only:
perl -wc script.pl
Pragmas check:
head -10 script.pl | grep -E 'use (strict|warnings|autodie)'
Security scan:
perlcritic --severity 5 script.pl
Full validation:
perl -wc script.pl && \
grep -q 'use strict' script.pl && \
grep -q 'use warnings' script.pl && \
echo "Basic validation passed"
Fixing Common Issues
Missing strict/warnings
Add to top of script:
use strict;
use warnings;
Two-argument open
# Wrong
open FILE, $filename;
# Correct
open my $fh, '<', $filename;
Unsafe system calls
# Wrong
system("rm $file");
`ls $dir`;
# Correct
use IPC::System::Simple qw(system capture);
system('rm', $file);
my $output = capture('ls', $dir);
Missing error handling
# Wrong
open my $fh, '<', $file;
# Correct (with autodie)
use autodie;
open my $fh, '<', $file;
# Or explicit
open my $fh, '<', $file
or die "Cannot open $file: $!";
Related Skills
jamie-bitflight/xdg-base-directory
development
VerifiedTrustedCommunity
When an application needs to store config, data, cache, or state files. When designing where user-specific files should live. When code writes to ~/.appname or hardcoded home paths. When implementing cross-platform file storage with platformdirs.
39SKILL.mdUpdated Apr 30, 2026
jamie-bitflight/verification-gate
testing
VerifiedTrustedCommunity
Enforce mandatory pre-action verification checkpoints to prevent pattern-matching from overriding explicit reasoning. Use this skill when about to execute implementation actions (Bash, Write, Edit) to verify hypothesis-action alignment. Blocks execution when hypothesis unverified or action targets different system than hypothesis identified. Critical for preventing cognitive dissonance where correct diagnosis leads to wrong implementation.
39SKILL.mdUpdated Apr 30, 2026
jamie-bitflight/twelve-factor-app
tools
VerifiedTrustedCommunity
Reference guide for the Twelve-Factor App methodology — 15 principles (12 original + 3 modern extensions) for building portable, resilient, cloud-native applications. Use when evaluating application architecture, designing cloud-native services, reviewing codebases for methodology compliance, advising on configuration, scaling, observability, security, and deployment patterns. Incorporates the 2025 open-source community evolution and cloud-native reinterpretations of each factor.
39SKILL.mdUpdated Apr 30, 2026
jamie-bitflight/user-docs-to-ai-skill
tools
VerifiedTrustedCommunity
Converts user-facing documentation (how-to guides, tutorials, API references, examples) in any format — Markdown, PDF, DOCX, PPTX, XLSX, AsciiDoc, RST, HTML, Jupyter notebooks, man pages, TOML/YAML/JSON configs, and plain text — into Claude Code skill directories with SKILL.md plus thematically grouped references/*.md files. Use when given a docs directory or mixed-format documentation to transform into an AI skill. Uses MCP file-reader server for binary formats.
39SKILL.mdUpdated Apr 30, 2026