zsh-style-guide
ZSH Style Guide
Scope Boundaries
- Use this skill when the task matches the trigger condition described in
description. - Do not use this skill when the primary task falls outside this skill's domain.
Use this skill to write and review Zsh scripts that intentionally rely on Zsh behavior while staying safe and maintainable.
Trigger And Co-activation Reference
- If available, use
references/trigger-matrix.mdfor canonical co-activation rules. - If available, resolve style-guide activation from changed files with
python3 scripts/resolve_style_guides.py <changed-path>.... - If available, validate trigger matrix consistency with
python3 scripts/validate_trigger_matrix_sync.py.
Quality Gate Command Reference
- If available, use
references/quality-gate-command-matrix.mdfor CI check-only and local autofix mapping.
Quick Start Snippets
Script skeleton for Zsh entrypoints
#!/usr/bin/env zsh
set -euo pipefail
SCRIPT_NAME="${0:t}"
TEMP_DIR="$(mktemp -d)"
cleanup() {
rm -rf -- "${TEMP_DIR}"
}
on_error() {
local line_number="$1"
local exit_code="$2"
print -u2 -- "${SCRIPT_NAME}: failed at line ${line_number} (exit=${exit_code})"
}
trap cleanup EXIT
TRAPERR() {
on_error "$LINENO" "$?"
}
main() {
print -- "temp dir: ${TEMP_DIR}"
}
main "$@"
Required environment variable check
: "${API_TOKEN:?API_TOKEN is required}"
: "${API_BASE_URL:?API_BASE_URL is required}"
Safe external command with arrays
local -a curl_args=(
--fail
--silent
--show-error
--header "Authorization: Bearer ${API_TOKEN}"
"${url}"
)
curl "${curl_args[@]}"
Bounded retry helper
typeset -ri MAX_ATTEMPTS=5
typeset -ri RETRY_DELAY_SECONDS=2
retry_command() {
local -i attempt=1
while (( attempt <= MAX_ATTEMPTS )); do
if "$@"; then
return 0
fi
if (( attempt == MAX_ATTEMPTS )); then
print -u2 -- "command failed after ${MAX_ATTEMPTS} attempts"
return 1
fi
sleep "${RETRY_DELAY_SECONDS}"
(( attempt++ ))
done
}
Structure And Readability
- Use explicit Zsh shebang for executable scripts.
- Use strict mode for executable entrypoints.
- Keep functions small and orchestration in
main. - Use
localand typed variables where it improves safety. - Keep comments short and focused on intent.
Data Handling And Quoting
- Quote parameter expansions by default.
- Use arrays for argument safety.
- Avoid
evalunless unavoidable and validated. - Replace magic numbers with named constants including units.
- Validate external input before command execution.
Error Handling And Safety
- Use explicit failure paths and non-zero return codes.
- Use trap-based cleanup for temporary resources.
- Avoid silent suppression patterns.
- Fail early for missing required configuration.
- Avoid exposing secrets in logs.
Testing And Verification
- Add shell tests (
zunit/project equivalent) for core and failure paths. - Cover edge cases: empty input, whitespace paths, missing env vars, timeout/retry exhaustion.
- Document manual verification when automation is insufficient.
- Check idempotency for scripts run by automation.
CI Required Quality Gates (check-only)
- Run
zsh -non modified scripts. - Run lint checks configured by the repository (
shellcheckwhere applicable). - Run shell tests (
zunit/project equivalent). - Reject changes that hide failures or rely on implicit behavior.
Optional Autofix Commands (local)
- Run repository formatter/lint autofix commands where available.
- Re-run all check-only gates after autofix.
More from kentoshimizu/sw-agent-skills
graph-algorithms
Graph algorithm workflow for modeling entities/relations and selecting traversal, path, ordering, or flow strategies. Use when correctness or performance depends on graph representation and algorithm choice; do not use for schema-only modeling or deployment topology planning.
14bash-style-guide
Style, review, and refactoring standards for Bash shell scripting. Trigger when `.sh` files, files with `#!/usr/bin/env bash` or `#!/bin/bash`, or CI workflow blocks with `shell: bash` are created, modified, or reviewed and Bash-specific quality controls (quoting safety, error handling, portability, readability) must be enforced. Do not use for generic POSIX `sh`, PowerShell, or language-specific application style rules. In multi-language pull requests, run together with other applicable `*-style-guide` skills.
11architecture-clean-architecture
Clean Architecture workflow for enforcing dependency direction, stable domain boundaries, and use-case-centered application design. Use when teams must separate business rules from frameworks and delivery mechanisms; do not use for isolated module cleanup without boundary implications.
11powershell-style-guide
Style, review, and refactoring standards for PowerShell scripting. Trigger when `.ps1`, `.psm1`, `.psd1` files, or CI workflow blocks with `shell: pwsh` or `shell: powershell` are created, modified, or reviewed and PowerShell-specific quality controls (error handling, parameter validation, readability, operational safety) must be enforced. Do not use for Bash, generic POSIX `sh`, or language-specific application style rules. In multi-language pull requests, run together with other applicable `*-style-guide` skills.
10github-codeowners-management
Govern CODEOWNERS rules so review routing reflects real ownership and risk boundaries on GitHub. Use when repository ownership mapping or mandatory reviewer rules must be defined, updated, or audited; do not use for non-GitHub runtime architecture or data-layer design.
9security-authentication
Security workflow for authentication architecture, credential lifecycle, and session/token assurance. Use when login, identity proofing, MFA, or session security decisions are required; do not use for authorization policy design or non-security quality tuning.
9