Skills 4-step-program
🔄

4-step-program

Safe 🌐 Network access⚙️ External commands

Implement AI Agent Quality Control Workflow

Stop accepting mediocre code reviews from AI agents. This workflow enforces a 4-step loop that guarantees 10/10 quality and 100% issue coverage before any code is presented. Agents must fix, review, iterate, and present with mandatory GitHub PR posting.

Supports: Claude Code(CC)
📊 70 Adequate
1

Download the skill ZIP

2

Upload in Claude

Go to Settings → Capabilities → Skills → Upload skill

3

Toggle on and start using

Test it

Using "4-step-program". Fix the database connection pooling issue (Issue #78)

Expected outcome:

  • Created branch fix/db-pool-issue
  • Implemented connection pool with max 20 connections
  • with exponential backoff
  • Added retry logic
  • Updated configuration to handle pool exhaustion
  • All tests passing
  • Review posted to PR #156
  • 100% issue coverage verified
  • Code review score: 10/10

Using "4-step-program". Implement user profile editing feature (Issue #123)

Expected outcome:

  • Backend API endpoint created at /api/users/:id
  • Frontend form with client-side validation added
  • Database migration for profile table completed
  • Unit tests with 100% coverage passing
  • PR #289 opened and linked to issue
  • Code review score: 10/10 with zero suggestions
  • All issue requirements fully implemented

Using "4-step-program". Refactor the authentication module (Issue #200)

Expected outcome:

  • Extracted auth logic to separate service module
  • Added OAuth2 provider support for Google and GitHub
  • Implemented rate limiting on auth endpoints
  • Updated all dependent services to use new module
  • Backward compatibility maintained
  • Review posted to PR #412
  • All 4 requirements met with 100% coverage

Security Audit

Safe
v5 • 1/17/2026

This skill contains only workflow documentation with no executable code. The static scanner produced false positives by misinterpreting markdown syntax and documentation text. All patterns flagged as cryptographic algorithms, backtick execution, and reconnaissance are legitimate documentation formatting and GitHub CLI workflow instructions.

2
Files scanned
681
Lines analyzed
2
findings
5
Total audits

Risk Factors

🌐 Network access (10)
skill-report.json:6 skill-report.json:128 SKILL.md:296 SKILL.md:296 SKILL.md:414 SKILL.md:415 SKILL.md:416 SKILL.md:432 SKILL.md:433 SKILL.md:434
⚙️ External commands (59)
SKILL.md:21-39 SKILL.md:39-46 SKILL.md:46-48 SKILL.md:48-55 SKILL.md:55-60 SKILL.md:60-66 SKILL.md:66-76 SKILL.md:76-83 SKILL.md:83 SKILL.md:83-85 SKILL.md:85-88 SKILL.md:88-92 SKILL.md:92-98 SKILL.md:98-100 SKILL.md:100-117 SKILL.md:117-140 SKILL.md:140-169 SKILL.md:169-171 SKILL.md:171-189 SKILL.md:189-195 SKILL.md:195-203 SKILL.md:203-208 SKILL.md:208-210 SKILL.md:210-212 SKILL.md:212-222 SKILL.md:222-224 SKILL.md:224-233 SKILL.md:233-239 SKILL.md:239-250 SKILL.md:250-269 SKILL.md:269-295 SKILL.md:295-297 SKILL.md:297-300 SKILL.md:300-302 SKILL.md:302-304 SKILL.md:304 SKILL.md:304-339 SKILL.md:339-358 SKILL.md:358-364 SKILL.md:364-371 SKILL.md:371-377 SKILL.md:377-386 SKILL.md:386-392 SKILL.md:392-400 SKILL.md:400-406 SKILL.md:406-417 SKILL.md:417-419 SKILL.md:419-423 SKILL.md:423-435 SKILL.md:435-455 SKILL.md:455-456 SKILL.md:456-457 SKILL.md:457-458 SKILL.md:458-462 SKILL.md:462-469 SKILL.md:469-477 SKILL.md:477-480 SKILL.md:480-486 SKILL.md:486-499
Audited by: claude View Audit History →

Quality Score

38
Architecture
100
Maintainability
87
Content
30
Community
100
Security
87
Spec Compliance

What You Can Build

Enforce Code Quality Standards

Ensure AI agents deliver production-ready code with mandatory reviews and complete issue coverage before human review.

Automate PR Quality Gates

Coordinate AI contributors through a rigorous quality loop that guarantees 10/10 reviews and full requirement implementation.

Standardize Agent Workflows

Implement consistent quality control across all AI agent tasks with documented workflows and clear acceptance criteria.

Try These Prompts

Basic Task Delegation 
Fix the authentication bug in src/auth.ts (Issue #45). Requirements: 1) Session expires after 24h, 2) Refresh token works, 3) Error on dual expiration, 4) Redirect on failure. Success: ALL 4 implemented, tests pass. After reviewing with Skill(code-reviewer), POST review to GitHub and report with PR link.
Feature Implementation 
Implement user profile editing (Issue #123). Requirements from issue: Backend API endpoint, Frontend form with validation, Database migration, Unit tests for all components. Success: ALL requirements implemented, 100% test coverage. Create PR, review with Skill(code-reviewer), POST review to GitHub.
Refactoring Task 
Refactor payment service (Issue #89). Requirements: Extract payment logic to separate module, Add retry mechanism for failed payments, Implement circuit breaker pattern, Update all dependent services. Success: Zero breaking changes, all tests pass, performance improved. Review and POST to GitHub PR.
Complex Multi-Issue Task 
Handle authentication system overhaul (Issues #200-205). Requirements: Migrate to JWT tokens, Add OAuth providers, Implement rate limiting, Update all auth checks, Add audit logging. Success: All 5 issues closed, backward compatibility maintained. Create comprehensive PR with Skill(code-reviewer) review posted to GitHub.

Best Practices

  • Always include ALL requirements from the issue in your delegation prompt
  • Verify agent posted review to GitHub before accepting completion
  • Use line-by-line requirement verification table for final coverage check

Avoid

  • Never accept mostly done or partial issue coverage
  • Do not skip the review step even if code looks correct
  • Avoid presenting without clickable PR and issue URLs

Frequently Asked Questions

What happens if the agent cannot achieve 10/10 review score?
After 5 iterations, escalate to human with details. The workflow enforces quality standards and does not compromise on 10/10 requirements.
Can this work with private GitHub repositories?
Yes, as long as the agent has proper GitHub CLI authentication and repository access permissions for creating PRs and posting reviews.
How do I verify 100% issue coverage?
Use the line-by-line verification table format provided. Extract all requirements from the issue and check each one against the implementation.
What if requirements are unclear in the issue?
Ask for clarification before delegating. The workflow requires 100% coverage of all requirements, so unclear requirements must be clarified first.
Can agents work on multiple issues simultaneously?
Yes, but each issue must have 100% coverage. Create separate PRs or ensure one PR addresses all issues with proper linking.
Is GitHub PR posting really mandatory?
Yes, absolutely mandatory. Reviews must be visible on the PR page for human evaluation. Local-only reviews mean the task has failed.

Developer Details

Author

Cygnusfear

License

MIT

Repository

https://github.com/Cygnusfear/claude-stuff/tree/main/skills/4-step-program

Ref

main

File structure

📄 SKILL.md