Pre Deploy Guardian

A rigorous 8-phase validation pipeline to audit environment, security, data migrations, and API stability before deploy.

Install
cmdop skills install agensi-pre-deploy-guardian

Pre Deploy Guardian is an automated validation pipeline consisting of eight phases designed to ensure safe deployment in production environments. It systematically audits projects for misconfigurations and issues that standard CI/CD pipelines may overlook. The skill performs an Environment Scan, validating .env files against examples, and flags any placeholders. The Code Health phase checks test stability, linting, and build integrity. A Dependency Audit identifies high-severity CVEs and potential loose version ranges. The Data Layer step detects any pending or destructive migrations that could cause issues. Additionally, an API Stability check flags any breaking changes in routes or response formats. The Security Gate hunts for hardcoded secrets and potential debug-mode leaks. A Rollback Plan is created to produce a custom recovery document, while the Deploy Summary provides a final readiness report categorized as Green, Yellow, or Red. This skill supports any framework utilizing standard manifest files such as package.json, pyproject.toml, or Cargo.toml, proving that the code is safe for production prior to deployment.

Use cases

  • use it to validate environment variables before deployment
  • use it to ensure code quality and prevent build issues
  • use it to scan dependencies for known vulnerabilities
  • use it to detect potential database migration issues before they occur
  • use it to identify API contract violations prior to releasing code
  • use it to prepare rollback documentation for deployments.

When to use it

  • when deploying applications to production environments
  • when managing code changes with an active CI/CD pipeline
  • when working with a team that requires strict deployment validation
  • when using frameworks supported by standard manifest files
  • when needing a structured approach to deployment readiness checks.

When not to use it

  • when the project does not utilize standard manifest files
  • when working on non-production environments only
  • when immediate deployment is required without checks
  • when simplicity and speed of deployment are prioritized over stability
  • when there are no concerns about environment variable configurations.