soyio-id/start-parity-workspace
skills/start-parity-workspace/SKILL.md
Create or reuse a coordinated Soyio parity workspace across soyio, soyio-dashboard, and soyio-embeds, then start the matching local runtimes.
tools
Updated Apr 15, 2026
$ install --global
skillsauthnpx skillsauth add soyio-id/skills start-parity-workspaceInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 15, 2026, 6:22 AM20.8s1 file scanned
SKILL.md
- name:
- start-parity-workspace
- description:
- Create or reuse a coordinated Soyio parity workspace across soyio, soyio-dashboard, and soyio-embeds, then start the matching local runtimes.
Start Parity Workspace
Overview
Use this skill when local parity matters across soyio, soyio-dashboard, and soyio-embeds.
Good fits:
- verify auth, redirects, or iframe flows across apps
- start parity for either
privacy-centerorconsent-embedinsidesoyio-embeds - spin up matching local origins for a coordinated feature
- open peer repos that should share one
WORKTREE_ID
Announce at start: "I'm using the start-parity-workspace skill to set up a coordinated Soyio parity workspace."
Inputs
Preferred input: one workspace id, for example local-parity-smoke.
Optional second input: which embeds app to start in soyio-embeds.
privacy-centerconsent-embed
Default to privacy-center unless the user explicitly asks for consent-embed.
If the workspace id is missing:
- if the current checkout is already a linked worktree and exposes
WORKTREE_ID, reuse that value - otherwise ask the user for a workspace id
If the harness offers a structured question tool, use it. Only fall back to plain text questions when the harness question tool is unavailable.
Repo assumptions
This skill is for the shared Soyio workspace containing:
soyiosoyio-dashboardsoyio-embeds
Use the same workspace id in all three repos.
Within soyio-embeds, create the matching worktree once and start the requested app with bin/worktree-up --app privacy-center or bin/worktree-up --app consent-embed.
High-level flow
- Determine the shared workspace id.
- Inspect whether matching worktrees already exist in each repo.
- Reuse existing matching worktrees where present.
- Create missing peers with repo-local
bin/worktree-addwhen available. - Start the runtimes in the right order.
- Report the local URLs and cleanup command.
Detection and reuse
For each repo:
git -C <repo-root> worktree list --porcelain
Look for a linked worktree under .worktrees/<workspace-id>.
- If it exists, reuse it.
- If it does not exist and the repo has
bin/worktree-add, create it:
bin/worktree-add <workspace-id>
- If
bin/worktree-addis missing, fall back to:
git check-ignore -q .worktrees/
mkdir -p .worktrees
git fetch origin "$(git remote show origin | awk '/HEAD branch/ {print $NF}')"
git worktree add ".worktrees/<workspace-id>" -b "<workspace-id>" "origin/$(git remote show origin | awk '/HEAD branch/ {print $NF}')"
If .worktrees/ is not ignored, stop and ask the user to add it to .gitignore first. Use the repo's default branch as the base for missing peer worktrees unless the user explicitly asks for something else.
Startup order
Start soyio first, then the frontend apps.
soyio
Run from the linked worktree:
bin/worktree-up -d
If the user does not want portless, use USE_PORTLESS=0 bin/worktree-up -d. Otherwise rely on the repo helper to auto-start the proxy when needed.
soyio-dashboard
Run from the linked worktree:
bin/worktree-up
soyio-embeds
Run from the linked worktree:
bin/worktree-up --app <privacy-center|consent-embed>
If the user only wants peer worktrees created but not started, do not auto-start them. Ask once before starting if that was not explicit. Use the harness question tool when available.
Env reporting
After creation or startup, run bin/worktree-env in each repo when available and report the key values:
soyio:APPLICATION_HOSTsoyio-dashboard:DASHBOARD_APP_ORIGIN,VITE_API_URLsoyio-embedswhen usingprivacy-center:PRIVACY_CENTER_APP_ORIGIN,VITE_API_URL,VITE_ACTION_CABLE_URLsoyio-embedswhen usingconsent-embed:CONSENT_EMBED_APP_ORIGIN,VITE_API_URL
Aggregate those repo-scoped values into one parity summary so the user gets one copy-pasteable set of URLs for the whole workspace.
Cleanup
For the full parity workspace, prefer the tracked cleanup command from soyio:
bin/workspace-rm <workspace-id>
Add --purge-data only when the user explicitly wants the linked-worktree Docker volumes removed.
Safety rules
- Never mix different workspace ids across
soyio,soyio-dashboard, andsoyio-embeds. - Never assume fixed localhost ports; prefer
bin/worktree-envoutput. - Reuse an existing matching worktree instead of creating duplicates.
- Warn clearly if the task only changed
soyio, or ifsoyio-dashboardorsoyio-embedsworktrees were intentionally skipped or could not be started, because parity still needs verification in those cases.
When not to use this skill
- The task only needs one repo in isolation.
- The user is just reviewing one PR or one branch.
In those cases, use create-worktree instead.
Related Skills
soyio-id/using-git-worktrees
tools
VerifiedTrustedCommunity
Use when starting feature work that needs isolation from current workspace or before executing implementation plans - creates isolated git worktrees with smart directory selection and safety verification
SKILL.mdUpdated Apr 15, 2026
soyio-id/prepare-security-prs
testing
VerifiedTrustedCommunity
Triage and prepare automated dependency security PRs for merge with minimal risk. Identify bot PRs that need intervention, resolve required issues only, refresh stale branches safely, detect superseded PRs, and keep diffs dependency-focused.
SKILL.mdUpdated Apr 15, 2026
soyio-id/fix-vulnerabilities
testing
VerifiedTrustedCommunity
Fix multiple dependency vulnerabilities across multiple repos. Parses Vanta-style vulnerability entries, groups by repo, creates a single fix branch per repo, applies all fixes, verifies compatibility, and creates PRs after user approval. Use when the user says '/fix-vulnerabilities' or asks to fix vulnerabilities across repos.
SKILL.mdUpdated Apr 15, 2026
soyio-id/create-worktree
tools
VerifiedTrustedCommunity
Create an isolated worktree for a new branch, existing branch, or PR review. Prefer repo-local worktree commands when they exist, and fall back to vanilla git worktrees otherwise.
SKILL.mdUpdated Apr 15, 2026