matomo-agent-skills/AGENTS.md at main · matomo-org/matomo-agent-skills

Scope

These rules apply to any task that adds, removes, or updates skills under skills/.

If skill inventory changes, update README.md in the same change.
Every skill must contain a valid SKILL.md with name and description frontmatter.
Every skill should include agents/openai.yaml aligned with SKILL.md behavior.
Any skill that uses a default dev-branch baseline, branch-diff example, or branch-based immutability rule must use the shared tracked target dev branch behavior and wording instead of a fixed-major branch such as origin/5.x-dev, unless the text is intentionally major-specific and clearly justified.
A skill task is not complete until all checklist items in this file are satisfied.

Skill folder name matches the skill name convention (lowercase, digits, hyphens).
SKILL.md command guidance is executable and consistent with real Matomo workflows.
Shell command examples are safe as documented: literal commands are copy-pasteable, template commands clearly require substitution, and environment-dependent commands state their prerequisites.
README.md "Available Skills" and installation guidance reflect current repository state.
No stale or contradictory descriptions between README.md, SKILL.md, and agents/openai.yaml.
Trigger conditions are explicit enough that tooling can select the correct skill reliably.
Skills that use dev-branch defaults or branch-based examples align on the shared tracked target dev branch wording and behavior, including fallback-to-ask-user guidance when the correct base cannot be inferred confidently.
If a development or code-review-relevant skill adds or tightens review expectations, verify matomo-review routes to those expectations, maps their violations to the intended review severity, or document why the skill is intentionally excluded from review routing.

Create or update the skill directory under skills/<skill-name>/.
Create or update skills/<skill-name>/SKILL.md.
Create or update skills/<skill-name>/agents/openai.yaml.
If the skill affects development-time review expectations, assess whether skills/matomo-review/ must be updated in the same change for both routing and severity handling.
Update README.md:

If the skill uses dev-branch defaults, branch-diff examples, or branch-based immutability guidance, update every affected README.md, SKILL.md, agents/openai.yaml, and routed reference file in the same change so they all use the shared tracked target dev branch wording and behavior.
If shell command examples changed, manually verify that literal commands are copy-pasteable, template commands clearly require substitution, xargs examples include an empty-input guard, environment-dependent commands state their prerequisites, and the changed examples are run against a suitable Matomo checkout or environment before marking the task done.
Self-review against the required validation checklist before marking done.

Prefer deterministic commands and decision rules over narrative text.
Keep instructions concise; include only context needed for reliable execution.
Include examples when they remove ambiguity; avoid redundant examples.
Keep skill instructions focused on operational use, not process history.
Align all docs with actual scripts and command behavior; do not document unsupported flows.
For shell examples, prefer the simplest command form that preserves intent and avoids parser-specific regex features when a basic rg/shell form is sufficient.

Use this split when multiple skills could plausibly cover the same review area:

Cross-cutting security invariants belong in matomo-security-rules.
Framework or layer skills own sink-specific implementation guidance for their area.
Framework skills may reference security expectations, but should not restate full security policy.
Examples:

If a review-relevant change touches both a cross-cutting security invariant and a framework-specific sink, verify matomo-review routes to both the framework skill and the relevant security checks without duplicating the same finding twice.