docs: add portable llm-project-workflow skill + templates (#46)

Extract the project's operating rules into a reusable, project-agnostic skill
so any repo can adopt the same safe LLM workflow.

- skills/llm-project-workflow/SKILL.md: issue-first; isolated branch worktrees
  (main checkout = orchestration only); distinct author/reviewer identities and
  profile safety (secrets by reference only; stop if authenticated user == PR
  author); branch naming; start/review/merge/cleanup workflows; fail-closed
  cases; recovery patterns; and an "Adapting to a project" table for the
  forge-specific names.
- templates/: copy/paste prompts for start-issue, review-pr, merge-pr,
  recover-bad-state, worktree-cleanup.
- Link the skill from README.md and docs/llm-workflow-runbooks.md (the runbook
  is framed as the Gitea-specific application of the portable skill).

Docs-only; no code, no secrets, safe placeholder examples only. No change to
MCP runtime, Gitea API, credential storage, or worktree helpers.

Checks: full suite 287 passed / 0 failures; git diff --check clean; secret scan
of skills/ clean.

Closes #46. Refs #38, #39.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
2026-07-02 03:26:25 -04:00
parent 92b449f080
commit 00ec883014
8 changed files with 280 additions and 273 deletions
@@ -1,34 +1,26 @@
# Review PR Prompt
# Template: review a PR
You are independently reviewing PR `<pr-number>` in `<repo-name>`.
Copy, fill the `<...>` fields, and paste as the task prompt.
Hard gate:
```text
Task: review PR #<pr> for issue #<n>.
- Verify authenticated identity.
- Verify PR author.
- If authenticated user matches the PR author, stop immediately.
- Do not approve or merge unless reviewer-eligible.
Rules (llm-project-workflow):
- Review in a SEPARATE detached review worktree, never the author's folder.
- You must NOT be the PR author. If the authenticated user == PR author, stop.
- Do not merge if any check fails.
Workflow:
Steps:
1. Verify your authenticated identity (whoami) and the active profile.
2. Fetch the PR facts: PR author, head SHA, state (must be open), base branch.
3. If authenticated user == PR author → STOP (no self-review).
4. scripts/worktree-review <pr-head-branch> # detached, branches/review-*
cd branches/review-<pr-head-branch-slug>
5. Confirm the worktree is clean. Inspect the FULL diff; confirm scope matches
issue #<n>; flag any unrelated files, secrets, or formatting churn.
6. Run the test suite; note results.
7. Post the review verdict: approve only if scope is clean and checks pass;
otherwise request changes with specifics. Never merge from this review step.
1. Create or use a separate review worktree.
2. Fetch/prune.
3. Confirm PR `<pr-number>` is open and targets `<default-branch>`.
4. Confirm the PR head is `<expected-commit>` or includes it.
5. Confirm changed files match the issue scope.
6. Inspect the diff for correctness, secrets, unrelated behavior, and forbidden
changes.
7. Run `<required-checks>`.
8. If anything fails, leave exact blockers and do not approve.
9. If everything passes, approve only if reviewer-eligible.
Report:
- authenticated user
- PR author
- eligibility result
- commit reviewed
- files changed
- checks run and results
- blockers or risks
- final PR URL
Handoff: reviewer identity, PR author, scope verdict, checks + results, decision.
```