openai/changeset-validation
.agents/skills/changeset-validation/SKILL.md
Validate changesets in openai-agents-js using LLM judgment against git diffs (including uncommitted local changes). Use when packages/ or .changeset/ are modified, or when verifying PR changeset compliance and bump level.
$ install --global
skillsauthnpx skillsauth add openai/openai-agents-js changeset-validationInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 16, 2026, 5:18 AM34.5s7 files scanned
SKILL.md
- name:
- changeset-validation
- description:
- Validate changesets in openai-agents-js using LLM judgment against git diffs (including uncommitted local changes). Use when packages/ or .changeset/ are modified, or when verifying PR changeset compliance and bump level.
Changeset Validation
Overview
This skill validates whether changesets correctly reflect package changes and follow the repository rules. It relies on the shared prompt in references/validation-prompt.md so local Codex reviews and GitHub Actions share the same logic.
Experimental or preview-only feature additions that are explicitly labeled as such in the diff may remain a patch bump when they do not change existing behavior.
Major bumps are only allowed after the first major release; before that, do not use major bumps for feature-level changes.
Quick start
Local (Codex-driven):
- Run:
pnpm changeset:validate-prompt - Apply the rules from
references/validation-prompt.mdto the generated prompt. - Respond with a JSON verdict containing ok/errors/warnings/required_bump (English-only strings).
CI (Codex Action):
- Run:
pnpm changeset:validate-prompt -- --ci --output .github/codex/prompts/changeset-validation.generated.md - Use
openai/codex-actionwith the generated prompt and JSON schema to get a structured verdict.
Workflow
- Generate the prompt context via
pnpm changeset:validate-prompt. - Apply the rules in
references/validation-prompt.mdto judge correctness. - Provide a clear verdict and required bump (patch/minor/major/none).
- If the changeset needs edits, update it and re-run the validation.
Branch-level changeset rule (do not skip)
- If any
.changeset/*.mdfile is already present in the current branch diff, treat it as the active changeset. Do not add a new changeset file. - Instead, update the existing changeset file by rewriting its summary to reflect the primary change relative to
main. Do not try to capture every incremental update. - Keep the summary at one line; replace the line as needed rather than appending. If you must include multiple points, compress them into a single line.
Shared source of truth
- Keep the prompt file as the single source of validation rules.
- Keep the script lightweight: it should only gather context and emit the prompt.
Resources
references/validation-prompt.md
Related Skills
openai/invoice-total-fixer
business
VerifiedTrustedCommunity
Use when fixing invoice total calculations in the sandbox quickstart repository.
2,944SKILL.mdUpdated May 6, 2026
openai/credit-note-fixer
development
VerifiedTrustedCommunity
Fix the tiny credit-note formatting bug and rerun the exact targeted test command.
2,933SKILL.mdUpdated May 5, 2026
openai/csv-workbench
testing
VerifiedTrustedCommunity
Analyze CSV files in /mnt/data and return concise numeric summaries.
2,656SKILL.mdUpdated Apr 16, 2026
openai/test-coverage-improver
testing
VerifiedTrustedCommunity
Improve test coverage in the OpenAI Agents JS monorepo: run `pnpm test:coverage`, inspect coverage artifacts, identify low-coverage files and branches, propose high-impact tests, and confirm with the user before writing tests.
2,656SKILL.mdUpdated Apr 16, 2026