Skip to content

Add VibeRaven production readiness gate rule #309

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
ohad6k wants to merge 2 commits into
base: main
Choose a base branch
from
Open

Add VibeRaven production readiness gate rule #309

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
8da426f
Add VibeRaven production readiness gate rule
ohad6k Jun 10, 2026
d83b4dd
docs: address VibeRaven rule review
ohad6k Jun 13, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -235,6 +235,7 @@ By adding selected `.mdc` files to `.cursor/rules/`, you can use these rules dir
- [Cloudflare Email to Telegram](https://github.com/PatrickJS/awesome-cursorrules/blob/main/rules/cloudflare-email-telegram-cursorrules-prompt-file.mdc) - Setting up email-to-Telegram forwarding via Cloudflare Email Routing and Workers using the mail2tg CLI.
- [Netlify](https://github.com/PatrickJS/awesome-cursorrules/blob/main/rules/netlify-official-cursorrules-prompt-file.mdc) - Official deployment platform integration.
- [Vercel](https://github.com/PatrickJS/awesome-cursorrules/blob/main/rules/vercel-deployment-cursorrules-prompt-file.mdc) - Deployment with serverless functions, Edge Runtime, middleware, caching, CI/CD, and production-ready configuration.
- [VibeRaven Production-Readiness Gate](https://github.com/PatrickJS/awesome-cursorrules/blob/main/rules/viberaven-production-readiness-gate.mdc) - Production-readiness gate for AI-built apps before launch, deploy, auth, billing, database, RLS, env vars, webhooks, monitoring, or tests.

### Build Tools and Development

Expand Down
65 changes: 65 additions & 0 deletions rules/viberaven-production-readiness-gate.mdc
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,65 @@
---
description: "Production-readiness gate for AI-built apps using VibeRaven before launch, deploy, auth, billing, database, RLS, env vars, webhooks, monitoring, or tests."
globs: **/*
alwaysApply: true
---
# VibeRaven Production-Readiness Gate

Use this rule when preparing an AI-built app for launch, deployment, real users,
auth, billing, database changes, Supabase RLS, environment variables, webhooks,
monitoring, rate limits, or tests.

## Required Gate

Before claiming an app is production ready, run:

```bash
npx -y viberaven --agent-mode
```

Then read these primary gate artifacts before making more changes:

- `.viberaven/agent-tasklist.md`
- `.viberaven/gate-result.json`
- `.viberaven/context-map.json`

If present, use `.viberaven/agent-summary.md` and
`.viberaven/launch-playbook.md` as supporting context, but treat
`.viberaven/gate-result.json` as the machine verdict.
Comment on lines +22 to +28

@coderabbitai coderabbitai Bot Jun 13, 2026

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Check VibeRaven official docs and help output for artifact paths
echo "=== Checking viberaven.dev documentation ==="
curl -s https://viberaven.dev/ | grep -i "\.viberaven\|artifact\|output" | head -20 || echo "No direct matches"

echo ""
echo "=== Checking for npm package viberaven ==="
npm view viberaven@latest 2>/dev/null | grep -A 20 "description\|readme" || echo "Package not found on npm"

echo ""
echo "=== Checking for gh releases/docs ==="
gh api repos/viberaven-dev/viberaven/contents/README.md 2>/dev/null | jq -r '.content | `@base64d`' | grep -i "artifact\|\.viberaven\|output" | head -20 || echo "Repo or docs not accessible"

Repository: PatrickJS/awesome-cursorrules

Length of output: 923

🌐 Web query:

VibeRaven ".viberaven" agent-tasklist.md

💡 Result:

Based on current technical documentation and available resources, there is no standardized or official file named ".viberaven/agent-tasklist.md" associated with the VibeRaven platform [1][2][3]. VibeRaven is a tool designed to assess the production readiness of AI-built applications [1][4]. Its primary workflow involves scanning a repository for production gaps (such as authentication, database rules, billing, and deployment configuration) and generating scoped, repo-aware prompts to hand off to AI coding agents like Cursor or Claude Code [2][5]. While some developer workflows use directory structures like ".hermes/" or custom task lists (e.g., "*-tasklist.md") for managing autonomous agent tasks [6][7][8], VibeRaven's official methodology focuses on checklists, production-readiness guides, and prompt generation rather than a specific standardized ".viberaven/" task list file format [2][3][4]. If you are looking for a task list generated by a VibeRaven-integrated workflow, it is likely a custom implementation specific to your project's agent orchestration setup rather than a native component of the VibeRaven platform.

Citations:

🌐 Web query:

VibeRaven "gate-result.json"

💡 Result:

The string "VibeRaven "gate-result.json"" does not correspond to any single, authoritative, VibeRaven-specific file spec that I can find from current public sources. What I can confirm from authoritative/near-authoritative evidence: 1) Many “quality gate”/CI tools use a file named gate-result.json as a machine-readable JSON output for gate results (example: EvalGuard’s docs show evalguard gate ... --json > gate-result.json). [1] 2) The VibeRaven project itself is a production-readiness scanning/productivity tool for AI-built apps (not a known gate-result.json generator). Its docs describe checking launch gaps (auth, billing, deployment, env vars, monitoring, etc.) but don’t mention gate-result.json. [2][3] Separately, there are unrelated projects/workflows that explicitly write a gate result to a path ending in gate-result.json (e.g., a Vouch workflow writes compact gate results to .vouch/build/gate-result.json and describes that file as stable input for status checks/integrations). [4] So, unless you mean one of the above (or you have a specific repo/extension/source where VibeRaven emits/consumes gate-result.json), I can’t responsibly claim what that specific file is for inside VibeRaven itself. If you share: - the GitHub repo / package name where “VibeRaven” references gate-result.json, or - a snippet of the code/config that creates/reads it, then I can pinpoint exactly what VibeRaven is doing with that file in your context.

Citations:

🌐 Web query:

VibeRaven "context-map.json"

💡 Result:

VibeRaven is a tool and VS Code/Cursor extension designed to assist developers in transitioning AI-built prototypes into production-ready applications [1][2]. It functions as a launch-readiness scanner that analyzes a codebase to identify configuration gaps in areas such as authentication, billing, database management, environment variables, and monitoring [1][3][4]. The file "context-map.json" is a common pattern used in various AI-coding and repository-analysis tools (including those similar to VibeRaven) to store a structured index or "map" of a project's codebase [5][6][7][8]. While VibeRaven itself uses internal scanning to generate "Mission Maps" and readiness reports, the broader context-map pattern—often referred to as a "context map" or "project map"—serves the following technical purposes in AI development workflows: 1. Sparse Context Loading: AI coding agents (like those in Cursor or Claude Code) use these files to understand the project structure without needing to scan every file in the repository, which saves tokens and improves relevance [5][6][7]. 2. Repository Topology: It acts as an index of project modules, entry points, dependencies, and file relationships [7][8]. 3. Agent Handoff: It provides a persistent, machine-readable summary of the project state that tools use to suggest the "next move" or prompt for a coding agent [7][3][9]. In the context of VibeRaven specifically, the tool inspects your workspace to surface production blockers and generates actionable, copy-ready prompts for your coding agent [3][9]. It focuses on maintaining alignment between your project's technical implementation and its development goals (often tracked via a "SPEC.md" or similar project memory file) [3].

Citations:

🌐 Web query:

site:viberaven.dev .viberaven gate-result.json

💡 Result:

The term gate-result.json is not an official public standard or documented file format associated with VibeRaven. VibeRaven is a tool designed to help developers assess the production readiness of AI-built applications by scanning code repositories and generating checklists, launch gap analyses, and prompts for coding agents [1][2][3]. While VibeRaven analyzes repository evidence and provides outputs for production readiness, there is no public documentation indicating that it uses a file named gate-result.json [1][4][5]. It is likely that this filename is either an internal temporary file, a specific artifact generated by a custom local implementation, or a misunderstood reference to the tool's output data structure. For official information regarding VibeRaven's functionality, users should refer to their documentation at viberaven.dev [2][6].

Citations:

Fix hardcoded .viberaven/ artifact filenames in readiness gate rule.

Lines 22–28 assume VibeRaven generates .viberaven/agent-tasklist.md, .viberaven/gate-result.json, and .viberaven/context-map.json (and treats gate-result.json as the machine verdict). Public VibeRaven resources don’t document creating a .viberaven/ directory or these specific filenames, and gate-result.json / agent-tasklist.md are not indicated as VibeRaven artifacts. context-map.json is a common filename in other “context/project map” tools, but there’s no public evidence tying it to VibeRaven’s outputs.

Update the rule to match the actual artifact paths/filenames produced by VibeRaven (or make the instruction reference where the extension/report tells users to find the machine-readable verdict), instead of hardcoding these .viberaven/* files.

🤖 Prompt for AI Agents 
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@rules/viberaven-production-readiness-gate.mdc` around lines 22 - 28, Replace
the hardcoded artifact filenames `.viberaven/agent-tasklist.md`,
`.viberaven/gate-result.json`, and `.viberaven/context-map.json` in the
readiness-gate rule text with either (a) the actual filenames/paths produced by
VibeRaven (as documented by the extension/report) or (b) a configurable or
referenced location pulled from the VibeRaven report/extension metadata;
specifically update the sentences that assert those three `.viberaven/*` files
exist and that `gate-result.json` is the machine verdict to instead point at the
real artifact path or to say “the machine-readable verdict as specified by the
VibeRaven extension/report” (so the rule no longer assumes `.viberaven/` or
those exact filenames).


Do not deploy or push after auth, RLS, billing, webhook, environment, or provider
configuration changes until `gate.status` is `clear` in
`.viberaven/gate-result.json`.

## Agent Loop

1. Run `npx -y viberaven --agent-mode` from the project root.
2. Read `.viberaven/agent-tasklist.md` completely.
3. Fix one listed repo-code launch gap.
4. Run `npx -y viberaven --verify`.
5. Repeat until `.viberaven/gate-result.json` reports `gate.status: "clear"`.

If the scan output prints `VIBERAVEN_NEXT_ACTION`, follow its `batchSize`,
`scanNow`, and `stalled` values. Do not verify after every patch; batch supported
repo-code fixes and verify once per loop.

## Provider Work

Provider dashboard work is not fixed by repo edits. Billing setup, DNS, webhook
registration, credentials, quotas, and live provider verification must be
completed in the provider dashboard or verified through read-only provider
evidence.

If VibeRaven prints `VIBERAVEN_PROVIDER_ACTION`, present the dashboard URL and
exact step to the user, wait for confirmation, then verify again.

## Useful Commands

```bash
npx -y viberaven next --json
npx -y viberaven prompt --gap <gap-id>
npx -y viberaven --heal --plan --gap <gap-id>
npx -y viberaven --heal --apply --gap <gap-id> --yes
npx -y viberaven --strict
npx -y viberaven audit --vercel-supabase
Comment on lines +59 to +64

@coderabbitai coderabbitai Bot Jun 13, 2026

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🌐 Web query:

What are the available command-line commands and flags for the VibeRaven tool?

💡 Result:

VibeRaven is not a command-line interface (CLI) tool with specific commands or flags [1][2]. Instead, VibeRaven is a documentation and checklist platform that provides guides, production-readiness checklists, and workflows for developers building applications with AI [1][3][4]. The tool focuses on assisting developers in transitioning AI-built apps from development or preview stages to production by identifying launch gaps in areas such as authentication, database rules, billing, deployment, and monitoring [4][2][5]. It works by analyzing repository evidence and providing actionable prompts that can be used with AI coding agents like Cursor, Claude Code, or other VS Code-integrated agents to perform the necessary fixes [4][2][5][6]. There is no installable CLI software or set of terminal commands associated with VibeRaven [1][7].

Citations:

Remove/replace incorrect npx -y viberaven ... command examples in the readiness gate

VibeRaven isn’t an installable CLI with terminal subcommands/flags; it’s a docs/checklist platform, so the npx -y viberaven ... examples (including lines 17, 39, and the “Useful Commands” block on lines 59–64) are very likely non-functional and will mislead users. Update the rule to match the actual documented workflow or remove the CLI command section.

🤖 Prompt for AI Agents 
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@rules/viberaven-production-readiness-gate.mdc` around lines 59 - 64, The
"Useful Commands" examples that show "npx -y viberaven ..." (e.g., "npx -y
viberaven next --json", "npx -y viberaven prompt --gap <gap-id>", "npx -y
viberaven --heal --plan --gap <gap-id>", "npx -y viberaven --heal --apply --gap
<gap-id> --yes", "npx -y viberaven --strict", "npx -y viberaven audit
--vercel-supabase") are incorrect because VibeRaven is not a CLI—remove these
fake npx command examples or replace them with the correct documented workflow
for VibeRaven (for example, link or outline the web/docs checklist usage, API
calls, or supported integration steps), and update any other occurrences of the
same bogus CLI examples elsewhere in the rule to avoid misleading users.

```
Comment thread
coderabbitai[bot] marked this conversation as resolved.
Loading