nwiizo/.claude/skills/hitl-approval
.claude/skills/hitl-approval/SKILL.md
# HITL (Human-in-the-Loop) Approval Workflow Multi-step workflow for human approval integration in ccswarm agent operations. ## Overview This skill guides you through implementing and using human-in-the-loop approval mechanisms for high-risk agent operations. ## When HITL is Required ### High-Risk Operations - File deletions - Database modifications - External API calls - Configuration changes - Deployment actions ### Risk Levels | Level | Action | HITL Required | |-------|--------|-------
$ install --global
skillsauthnpx skillsauth add nwiizo/ccswarm .claude/skills/hitl-approvalInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 8, 2026, 2:37 AM4.5s1 file scanned
SKILL.md
HITL (Human-in-the-Loop) Approval Workflow
Multi-step workflow for human approval integration in ccswarm agent operations.
Overview
This skill guides you through implementing and using human-in-the-loop approval mechanisms for high-risk agent operations.
When HITL is Required
High-Risk Operations
- File deletions
- Database modifications
- External API calls
- Configuration changes
- Deployment actions
Risk Levels
| Level | Action | HITL Required | |-------|--------|---------------| | Low | Read operations | No | | Medium | Local file writes | Optional | | High | External modifications | Yes | | Critical | Production changes | Always |
Implementation
1. HITL Configuration
// ccswarm.json
{
"hitl": {
"enabled": true,
"risk_threshold": 3,
"auto_approve_patterns": [
"*.md",
"docs/*",
"*.test.rs"
],
"always_require": [
".env*",
"Cargo.toml",
"production/*"
],
"timeout_seconds": 300
}
}
2. Approval Request Format
pub struct ApprovalRequest {
pub id: Uuid,
pub agent_id: String,
pub operation: OperationType,
pub target: String,
pub risk_score: u8,
pub context: String,
pub timeout: Duration,
}
pub enum ApprovalStatus {
Pending,
Approved { by: String, at: DateTime<Utc> },
Rejected { by: String, reason: String },
TimedOut,
}
Workflow
1. Request Approval
# Agent requests approval
ccswarm hitl request \
--operation "delete" \
--target "src/legacy/old_module.rs" \
--reason "Removing deprecated module" \
--risk-score 4
# Output: Approval request ID: abc123
2. Review Pending Requests
# List pending approvals
ccswarm hitl list
# View details
ccswarm hitl show abc123
3. Approve/Reject
# Approve with comment
ccswarm hitl approve abc123 --comment "Verified module is unused"
# Reject with reason
ccswarm hitl reject abc123 --reason "Module still referenced in tests"
4. Check Status
# Check approval status
ccswarm hitl status abc123
TUI Integration
The HITL system integrates with ccswarm's TUI:
┌─────────────────────────────────────────┐
│ Pending Approvals (2) │
├─────────────────────────────────────────┤
│ [!] abc123 - Delete old_module.rs │
│ Risk: 4/5 Agent: backend-agent │
│ Requested: 2 min ago │
│ │
│ [!] def456 - Modify Cargo.toml │
│ Risk: 3/5 Agent: devops-agent │
│ Requested: 5 min ago │
├─────────────────────────────────────────┤
│ [A]pprove [R]eject [D]etails [Q]uit │
└─────────────────────────────────────────┘
Best Practices
For Agents
- Always provide clear context
- Calculate accurate risk scores
- Break large operations into smaller requests
- Handle timeout gracefully
For Reviewers
- Review operation context thoroughly
- Check affected files/systems
- Verify agent has appropriate scope
- Document approval/rejection reasons
Notifications
Slack Integration
# Configure webhook
ccswarm config set hitl.slack_webhook "https://hooks.slack.com/..."
# Notifications sent for:
# - New high-risk requests
# - Approaching timeouts
# - Auto-approved operations
Email Notifications
ccswarm config set hitl.email "[email protected]"
Audit Trail
All HITL decisions are logged:
# View audit log
ccswarm hitl audit --last 24h
# Export for compliance
ccswarm hitl audit --format json > hitl_audit.json
Emergency Override
For critical situations:
# Emergency approval (requires sudo/admin)
ccswarm hitl emergency-approve abc123 \
--reason "Production incident mitigation" \
--admin-key $ADMIN_KEY
Configuration Options
| Option | Default | Description |
|--------|---------|-------------|
| timeout_seconds | 300 | Time before request expires |
| risk_threshold | 3 | Risk level requiring HITL |
| max_pending | 10 | Max pending per agent |
| auto_reject_timeout | false | Auto-reject on timeout |
Related Skills
nwiizo/.claude/skills/rust-agent-specialist
development
VerifiedTrustedCommunity
# Rust Agent Specialist Workflow Apply Rust-native patterns to ccswarm codebase development. ## Overview This skill provides guidance for implementing Rust-idiomatic patterns in the ccswarm multi-agent orchestration system. ## Core Patterns ### Type-State Pattern Compile-time state validation with zero runtime cost. ```rust // State types pub struct Uninitialized; pub struct Initialized; pub struct Running; pub struct Agent<State> { inner: AgentInner, _state: PhantomData<State>,
135SKILL.mdUpdated Apr 8, 2026
nwiizo/.claude/skills/git-worktree
development
VerifiedTrustedCommunity
# Git Worktree Workflow Multi-step workflow for parallel development using git worktrees. ## Overview Git worktree allows working on multiple branches simultaneously. Each worktree is an independent working directory with its own branch. ## Setup Workflow ### 1. Create Feature Worktree ```bash git worktree add ../ccswarm-feature-<name> feature/<description> ``` ### 2. Create Bug Fix Worktree ```bash git worktree add ../ccswarm-bugfix-<name> hotfix/<description> ``` ### 3. Create Experimen
135SKILL.mdUpdated Apr 8, 2026
nwiizo/.claude/skills/deploy-workflow
tools
VerifiedTrustedCommunity
# Deploy Workflow Multi-step workflow for deploying ccswarm releases. ## Overview This skill guides you through the complete deployment process for ccswarm releases, from building to publishing. ## Pre-Deployment Checklist ### 1. Version Update ```bash # Update version in Cargo.toml files # Root workspace # crates/ccswarm/Cargo.toml # crates/ai-session/Cargo.toml ``` ### 2. Quality Gates ```bash # Run full quality check cargo fmt --all cargo clippy --workspace -- -D warnings cargo test --w
135SKILL.mdUpdated Apr 8, 2026
nwiizo/.claude/skills/benchmark-runner
testing
VerifiedTrustedCommunity
# Benchmark Runner Workflow Multi-step workflow for running performance benchmarks on ccswarm. ## Overview This skill guides you through running, analyzing, and comparing performance benchmarks for the ccswarm system. ## Benchmark Types ### 1. Microbenchmarks Fine-grained performance measurements for specific functions. ### 2. Integration Benchmarks End-to-end performance for complete workflows. ### 3. Load Testing System behavior under sustained load. ## Running Benchmarks ### 1. Setup
135SKILL.mdUpdated Apr 8, 2026