the-own-lab/verify
skills/verify/SKILL.md
Post-code check: run tests + confirm TODO acceptance items map to passing tests; applies a security lens but is not a separate scan.
development
Updated Apr 22, 2026
$ install --global
skillsauthnpx skillsauth add the-own-lab/Claude-company-of-one verifyInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 22, 2026, 11:18 AM119.3s1 file scanned
SKILL.md
- name:
- verify
- description:
- Post-code check: run tests + confirm TODO acceptance items map to passing tests; applies a security lens but is not a separate scan.
verify
Purpose
Close the loop between spec and code. Run the test suite, then match TODO/REQ
acceptance criteria to actual passing tests. verify ≠ tdd: tdd writes one test
at a time; verify inspects the whole delivered state before update-docs.
Inputs
BRIEF.md## Current Contract,### Requirements Summary, and### TODO In Scope(requirement list, acceptance criteria, and scoped TODOs already folded in byread-brief).BRIEF.md## Test Plan(produced earlier bytest-planandtdd).- The actual test command(s) for the project (derive from
package.json,project.json,mise.toml, or ask user if unclear). - Does NOT re-open REQUIREMENTS.md / TODO.md itself; the brief is authoritative.
Outputs
- Pass/fail summary written to the brief under
## Assumptionsasverify: all REQs mapped to passing testsor a list of gaps. - If gaps found, items appended to
## Open Questionsfor follow-up.
Procedure
- Run unit tests via
pnpm nx test <project>(or equivalent). Capture result. - Run e2e/integration tests if the project defines them.
- For every REQ summarized in the brief's
### Requirements Summary, locate at least one test exercising its acceptance. - For every TODO item the brief records as in-flight for this run, confirm the code actually delivers it.
- Apply the security lens (absorbed from the retired
security-scanskill):- new user-input boundaries without validation?
- new secrets / env vars / tokens in committed code?
- new file-path / shell-exec / SQL construction from user data? Flag findings as plausible risks, not confirmed vulns, unless the evidence is explicit.
- If any check fails, leave the work incomplete; do NOT proceed to
update-docs.
Failure modes
- Test command fails due to missing runtime → stop and surface the mise/pnpm issue rather than marking verify pass.
- REQ has no test coverage → gap; append to
## Open Questions. User decides whether to add a test now or defer. - Security lens produces > 3 findings → likely systemic; recommend a full
/review.
Does not do
- Does not write new tests (that is
tdd). - Does not decide WHAT to test (that is
test-plan). - Does not tick TODO boxes (that is
update-docs). - Does not replace
/reviewLayer 2 red-team analysis.
Related Skills
the-own-lab/write-brief
documentation
VerifiedTrustedCommunity
Update BRIEF.md sections during a command run. Any skill that produces a brief-persisted artifact calls this to write it back.
SKILL.mdUpdated Apr 22, 2026
the-own-lab/update-docs
documentation
VerifiedTrustedCommunity
Command post-step: write CHANGELOG + TODO once per command run. One call, not per-skill doc writes.
SKILL.mdUpdated Apr 22, 2026
the-own-lab/spec-writing
content-media
VerifiedTrustedCommunity
Author REQUIREMENTS.md + DESIGN.md + TODO.md for a feature. The three files are one contract; they ship together.
SKILL.mdUpdated Apr 22, 2026
the-own-lab/spec-conformance
testing
VerifiedTrustedCommunity
/review Layer 1 auditor + /think self-review. Three contexts: think-self-review, review-spec, review-implementation. Also judges reconstruction drills.
SKILL.mdUpdated Apr 22, 2026