devcheck

Lint, format, typecheck, and verify the project is clean. Use after making changes, before committing, or when the user asks to verify quality.

8 stars

Best use case

devcheck is best used when you need a repeatable AI agent workflow instead of a one-off prompt.

Lint, format, typecheck, and verify the project is clean. Use after making changes, before committing, or when the user asks to verify quality.

Teams using devcheck should expect a more consistent output, faster repeated execution, less prompt rewriting.

When to use this skill

  • You want a reusable workflow that can be run more than once with consistent structure.

When not to use this skill

  • You only need a quick one-off answer and do not need a reusable workflow.
  • You cannot install or maintain the underlying files, dependencies, or repository context.

Installation

Claude Code / Cursor / Codex

$curl -o ~/.claude/skills/devcheck/SKILL.md --create-dirs "https://raw.githubusercontent.com/cyanheads/pubchem-mcp-server/main/skills/devcheck/SKILL.md"

Manual Installation

  1. Download SKILL.md from GitHub
  2. Place it in .claude/skills/devcheck/SKILL.md inside your project
  3. Restart your AI agent — it will auto-discover the skill

How devcheck Compares

Feature / AgentdevcheckStandard Approach
Platform SupportNot specifiedLimited / Varies
Context Awareness High Baseline
Installation ComplexityUnknownN/A

Frequently Asked Questions

What does this skill do?

Lint, format, typecheck, and verify the project is clean. Use after making changes, before committing, or when the user asks to verify quality.

Where can I find the source code?

You can find the source code on GitHub using the link provided at the top of the page.

Related Guides

SKILL.md Source

## What It Runs

`bun run devcheck` runs a broader check suite than just lint + types. By default it includes local hygiene checks, MCP definition linting, Biome, TypeScript, and slow dependency/security checks unless `--fast` is passed. Tests are opt-in via `--test`.

| Check | Tool | Notes |
|:------|:-----|:------|
| TODOs / FIXMEs | `git grep` | Fails on tracked TODO/FIXME markers outside excluded files |
| Tracked secrets | `git ls-files` | Flags tracked `.env`, keys, credentials, and similar sensitive files |
| MCP definitions | `bun run scripts/lint-mcp.ts` | Validates tool/resource/prompt definitions against framework rules |
| Biome | `biome check` | Unified lint + format — read-only by default |
| TypeScript | `tsc --noEmit` | Full project type check |
| Unused dependencies | `depcheck` | Runs by default; network-free but slower on large repos |
| Security audit | `bun audit` | Runs by default unless `--fast` or `--no-audit` |
| Outdated dependencies | `bun outdated` | Runs by default unless `--fast` or `--no-deps` |
| Tests | `vitest run` | Off by default; enable with `bun run devcheck --test` |

To auto-fix lint/format issues, run `bun run format`.

## Steps

1. Run `bun run devcheck`
2. Read the failing checks in the summary and per-check output
3. Fix the reported issues
4. Re-run `bun run devcheck` until clean
5. If the change touches runtime behavior, also run `bun run devcheck --test` or `bun run test`
6. Do not consider this skill complete until the required commands exit successfully with no errors

## Common Issues

| Check | Error Type | Typical Fix |
|:------|:-----------|:------------|
| TODOs / FIXMEs | Tracked work markers | Resolve or remove the marker before committing |
| Tracked secrets | Sensitive files in git | Add to `.gitignore` and remove from the index |
| MCP definitions | Definition lint errors | Fix schema/name/annotation issues reported by `lint-mcp` |
| Biome | Lint/format errors | Run `bun run format` to auto-fix, or address the flagged rule manually |
| TypeScript | Type errors | Fix type mismatches, missing properties, incorrect generics |
| Security audit | Vulnerabilities in direct deps | Update or replace the affected dependency |
| Outdated deps | Stale package versions | Run `bun update` or allowlist intentionally pinned packages |

## Checklist

- [ ] `bun run devcheck` exits with no errors
- [ ] Tests run when needed (`bun run devcheck --test` or `bun run test`)

Related Skills

tool-defs-analysis

8
from cyanheads/pubchem-mcp-server

Read-only audit of MCP definition language across an existing surface — tools, resources, prompts. Walks every definition file and checks 12 categories the LLM reads to decide whether and how to call: voice & tense, internal leaks, audience leaks, defaults, recovery hints, output descriptions, cross-references, sparsity, examples, structure, mutator observability, unit-bearing numeric names. Produces grouped findings with file:line citations and a numbered options list. Use during polish, after a refactor, or before a release. Complements `field-test` (behavior testing) and `security-pass` (security audit).

setup

8
from cyanheads/pubchem-mcp-server

Post-init orientation for an MCP server built on @cyanheads/mcp-ts-core. Use after running `@cyanheads/mcp-ts-core init` to understand the project structure, conventions, and skill sync model. Also use when onboarding to an existing project for the first time.

security-pass

8
from cyanheads/pubchem-mcp-server

Review an MCP server for common security gaps: LLM-facing surfaces as injection vector (tools, resources, prompts, descriptions), scope blast radius, destructive ops without consent, upstream auth shape, input sinks (URL / path / roots / shell / sampling / schema strictness / ReDoS), tenant isolation, leakage through errors and telemetry, unbounded resources, and HTTP-mode deployment surface. Use before a release, after a batch of handler changes, or when the user asks for a security review, audit, or hardening pass. Produces grouped findings and a numbered options list.

report-issue-local

8
from cyanheads/pubchem-mcp-server

File a bug or feature request against this MCP server's own repo. Use for server-specific issues — tool logic, service integrations, config problems, or domain bugs that aren't caused by the framework.

report-issue-framework

8
from cyanheads/pubchem-mcp-server

File a bug or feature request against @cyanheads/mcp-ts-core when you hit a framework issue. Use when a builder, utility, context method, or config behaves contrary to the documented API — not for server-specific application bugs.

release-and-publish

8
from cyanheads/pubchem-mcp-server

Ship a release end-to-end across every registry the project targets (npm, MCP Registry, GitHub Releases for `.mcpb` bundles, GHCR). Runs the final verification gate, pushes commits and tags, then publishes to each applicable destination. Assumes git wrapup (version bumps, changelog, commit, annotated tag) is already complete — this skill is the post-wrapup publish workflow. Retries transient network failures on publish steps; halts with a partial-state report when retries are exhausted or the failure is terminal.

polish-docs-meta

8
from cyanheads/pubchem-mcp-server

Finalize documentation and project metadata for a ship-ready MCP server. Use after implementation is complete, tests pass, and devcheck is clean. Safe to run at any stage — each step checks current state and only acts on what still needs work.

orchestrations

8
from cyanheads/pubchem-mcp-server

Pick and run a multi-phase workflow that chains foundational task skills (`git-wrapup`, `release-and-publish`, `maintenance`, `field-test`, `setup`, etc.) end-to-end. Routes user intent to a workflow file under `workflows/` — greenfield builds, maintenance + release, field-test + fix, or known-work + release. Single source for the universal rules (no commits without authorization, no destructive git, no marketing language), the orchestrator posture (own the goal, ground sub-agents in primary sources, verify against the goal), and the sub-agent strategy (orient block, parallel fanout, isolation, normalization) that apply across every workflow. Sub-agents are an optional capability — workflows run linearly when fanout isn't available.

maintenance

8
from cyanheads/pubchem-mcp-server

Investigate, adopt, and verify dependency updates — with special handling for `@cyanheads/mcp-ts-core`. Captures what changed, understands why, cross-references against the codebase, adopts framework improvements, syncs project skills, and runs final checks. Supports two entry modes: run the full flow end-to-end, or review updates you already applied.

git-wrapup

8
from cyanheads/pubchem-mcp-server

Land working-tree changes as logical commits — the work grouped by concern, topped by a release commit (version bump, changelog, regenerated artifacts) and an annotated tag. Verify, commit, tag. Stops at "committed and tagged locally" — no push, no publish. The release-and-publish skill picks up from here. Distilled from the git_wrapup_instructions protocol.

field-test

8
from cyanheads/pubchem-mcp-server

Exercise tools, resources, and prompts against a live HTTP server via MCP JSON-RPC over curl. Starts the server, surfaces the catalog, runs real and adversarial inputs, and produces a tight report with concrete findings and numbered follow-up options. Use after adding or modifying definitions, or when the user asks to test, try out, or verify their MCP surface.

design-mcp-server

8
from cyanheads/pubchem-mcp-server

Design the tool surface, resources, and service layer for a new MCP server. Use when starting a new server, planning a major feature expansion, or when the user describes a domain/API they want to expose via MCP. Produces a design doc at docs/design.md that drives implementation.