Software best practices don't fail because teams don't know them — they fail because nobody enforces them.
The gap between knowing and doing is not a knowledge problem — it's an enforcement problem.
| What we KNOW | What we DO | What gets ENFORCED |
|---|---|---|
| Commit conventions | Sometimes | Almost never |
| No secrets in code | After the incident | Sporadically |
| Tests before merge | On new projects | Until there's pressure |
| Traceable issues | On "important" PRs | When there's an audit |
| Definition of Done | In retros | Never mechanically |
4 skills. 15+ automated actions. Full audit trail.
gitleaks + issue-ref hook. Won't let you commit bad code.
Tests + gitleaks. If it fails, auto-creates bug in Linear.
close_issue.sh with 3 gates. Won't let you close without evidence.
PR → In Progress, merge → Done. Status syncs automatically.
A secret blocked in real time — it never reaches GitHub.
Intelligent commands the agent executes: /create-issue, /start-issue, /close-issue, /status. Each one orchestrates multiple harness actions.
Validation scripts that enforce rules: linear_client.py, close_issue.sh, check_issue_ref.sh. ~415 lines total.
Automatic triggers that fire on git events. Pre-commit scans for secrets. Commit-msg validates issue references.
The agent's rulebook. Defines available skills, harness rules, commit format, and what's forbidden.
Fork the repo. Star it. Adapt it to your team.