Best use case
run is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Execute plan tasks autonomously until completion
Teams using run should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/run/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How run Compares
| Feature / Agent | run | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Execute plan tasks autonomously until completion
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
# Devloop Run
Execute plan tasks autonomously. **Do the work directly.**
**Bash hygiene**: prefer quiet flags to minimize output (`npm install --silent`, `git status -sb`, pipe long output through `| tail -n 20`).
**Monitor for long commands**: Use Monitor (not Bash) for test suites, builds, and full-codebase linting to stream output in real-time. Use Bash for all short commands (git ops, ls, devloop scripts).
Long-running commands that warrant Monitor:
- Test suites: `npm test`, `pytest`, `go test ./...`, `cargo test`, `make test`, `jest`, `vitest`, `mocha`
- Builds: `npm run build`, `make`, `cargo build`, `go build`, `tsc`, `webpack`, `vite build`, `gradle`, `mvn`
- Full-codebase linting: `eslint .`, `ruff check .`, `pylint src/`, `golangci-lint run`
Monitor pattern (always include failure patterns in the filter):
```
Monitor({ description: "test run", command: "npm test 2>&1 | grep --line-buffered -E 'PASS|FAIL|Error|passed|failed'", timeout_ms: 300000, persistent: false })
```
Fallback: if Monitor errors or is unavailable, use Bash directly.
## Step 1: Check Plan State
Run `${CLAUDE_PLUGIN_ROOT}/scripts/check-plan-complete.sh .devloop/plan.md`.
- **No plan**: Show entry points (`/devloop:plan`) and STOP.
- **Complete**: **AskUserQuestion**: Ship it, Archive, or Review. STOP.
- **Pending**: Continue to Step 2.
## Step 2: Parse Arguments
- `--max-iterations N`: Default 50.
- `--interactive`: Prompt at each task.
- `--next-issue`: Jump to Step 2b (Issue-to-ship workflow).
## Step 2b: Next Issue Workflow
1. Check for incomplete plan (prompt to replace).
2. Fetch with `gh issue list`.
3. Prioritize: bug/critical > security > feat > oldest.
4. Select issue, create `.devloop/plan.md` with required frontmatter (title, issue, url, status).
5. Post-completion: Validate (tests/lint) and commit with `Closes #N`.
## Step 3: Resume State
If `.devloop/next-action.json` exists, load and resume.
## Step 4: Setup Execution
Unless `--interactive`, create `.claude/ralph-loop.local.md` with iteration limits and completion promise: `<promise>ALL PLAN TASKS COMPLETE</promise>`.
**Optional**: Sync plan to native tasks with `${CLAUDE_PLUGIN_ROOT}/scripts/sync-plan-to-tasks.sh`.
## Step 5: Execute Tasks
Read plan, find all `- [ ]` tasks.
### 5a. Detect Parallel Groups
Scan pending tasks for `[parallel:X]` markers. If multiple pending tasks share the same group letter, they can run concurrently.
### 5b. Model Selection Per Task
Parse the `[model:X]` annotation from each task line:
- **`[model:haiku]`**: Spawn Agent with `model: "haiku"` — use for simple/mechanical tasks
- **`[model:sonnet]`**: Spawn Agent with `model: "sonnet"` — use for complex reasoning tasks
- **No annotation**: Do the work inline — no agent spawn needed
### 5c. Execute (Parallel or Sequential)
**For parallel groups**: Spawn one Agent per task in the group simultaneously (multiple Agent calls in a single message). Each agent receives the task description, phase context, and relevant files.
**For sequential tasks** (no parallel marker, or all group members not yet pending): Process one at a time.
Agent spawn pattern:
> **Prompt caching**: Put STATIC content first (identical across spawns → cached), DYNAMIC content last (varies per task → not cached). This maximizes cache hits when multiple agents are spawned in the same session.
```yaml
Agent:
model: "haiku" # or "sonnet" per [model:X] annotation
prompt: |
Instructions: Implement the task below. Do NOT modify plan.md or commit.
Phase: [phase name]
[STATIC: any shared project conventions or plan-level context here]
Task: [description]
Context: [relevant files and conventions -- dynamic, task-specific]
```
### 5d. Update Progress
1. Mark task `[x]` in `plan.md`.
2. Update native task to `completed`.
3. Check overall completion.
- **All complete**: Output `<promise>ALL PLAN TASKS COMPLETE</promise>`.
- **Tasks remain**: Continue (Autonomous) or Prompt (Interactive).
- **Checkpoints**: If `auto_commit: true`, commit at phase boundaries.
## Step 7: Finalize
**AskUserQuestion**: Ship it, Archive, or Review.
---
**Now**: Check plan state and begin.Related Skills
Example Skill
Brief description of what this skill does and the domain expertise it provides.
vulnerability-patterns
Index of vulnerability detection pattern skills. Routes to core patterns (universal) and language-specific patterns for security scanning.
vuln-patterns-languages
Language-specific vulnerability detection patterns for JavaScript/TypeScript, Python, Go, Java, Ruby, and PHP. Provides regex patterns and grep commands for common security vulnerabilities.
vuln-patterns-core
Universal vulnerability detection patterns applicable across all programming languages. Includes hardcoded secrets, SQL/command injection, path traversal, and configuration file patterns.
scan
Run a security assessment using deterministic static analysis tools with LLM-powered triage
results
View the most recent security scan results without re-running the scan
remediation-library
Index of security remediation skills. Routes to specialized skills for injection, cryptography, authentication, and configuration vulnerabilities.
remediation-injection
Security fix patterns for injection vulnerabilities (SQL, Command, XSS). Provides language-specific code examples showing vulnerable and secure implementations.
remediation-crypto
Security fix patterns for cryptographic vulnerabilities (weak algorithms, insecure randomness, TLS issues). Provides language-specific secure implementations.
remediation-config
Security fix patterns for configuration and deployment vulnerabilities (path traversal, debug mode, security headers). Provides language-specific secure implementations.
remediation-auth
Security fix patterns for authentication and authorization vulnerabilities (credentials, JWT, deserialization, access control). Provides language-specific secure implementations.
fix
Fix or guide remediation for a specific security finding from the latest scan report