Skip to main content
The best way to create checks is to have your coding agent write them. Install the writing-checks skill to teach your agent the check file format and best practices: 
npx skills add continuedev/skills --skill writing-checks
Then describe what you want to enforce and the agent writes the check file, tailored to your actual frameworks, file structure, and conventions. Here are some prompts to try:

Security

Catch vulnerabilities specific to your stack — auth gaps, injection vectors, leaked secrets. 
Look at our codebase and write checks for the most likely security issues — think auth bypasses, injection vectors, secrets in source, and missing input validation. Tailor the checks to the frameworks and patterns we actually use.

Code review patterns

Turn recurring PR feedback into automated checks so reviewers don’t have to repeat themselves. 
Look through our recent PR review comments and identify things reviewers say repeatedly. Write checks that automate those recurring review comments.

QA and browser testing

Verify that UI changes render correctly and don’t break links or layouts. 
Write a check that uses a browser to verify any new or changed pages render without errors and match our design system

Best practices

Enforce the conventions your team already follows — error handling, naming, migration safety. 
Analyze our codebase and write checks for the patterns that matter most — error handling conventions, logging standards, naming conventions, or whatever you see us being inconsistent about

Test coverage

Make sure new code ships with tests that match your project’s existing patterns. 
Write a check that verifies new code has corresponding tests, following the test file naming and structure conventions already in our project

Documentation

Flag PRs where public APIs or config changed but the docs didn’t. 
Write a check that flags PRs where public API or configuration changes aren't reflected in documentation

Iterate locally

Write the check (or have your agent write it), run it against a real PR branch, read the output, refine: 
check scan migration-safety    # audit the full codebase
check                          # run against your current diff
See Run Checks Locally for the full local testing workflow.