policy.enforce
About
The policy.enforce skill validates skill and agent manifests against Betty Framework policy rules. It enforces naming conventions, semantic versioning, permissions, and lifecycle checks to ensure consistency and compliance. Use it for both single-file validation and batch scanning of all your manifests.
Documentation
policy.enforce
Enforces policy rules for skill and agent manifests including naming conventions, semantic versioning, permissions validation, and status lifecycle checks.
Overview
The policy.enforce skill validates skill and agent manifests against Betty Framework policy rules to ensure consistency and compliance across the framework. It supports both single-file validation and batch mode for scanning all manifests.
Policy Rules
1. Naming Convention
- Names must be lowercase only
- Can use dots for namespacing (e.g.,
api.define,workflow.compose) - Must start with a lowercase letter
- Must end with a letter or number
- No spaces, underscores, or hyphens in the name field
Valid Examples:
api.definepolicy.enforceskill.create
Invalid Examples:
API.define(uppercase)api_define(underscore)api define(space)api-define(hyphen)
2. Semantic Versioning
- Must follow semantic versioning format:
MAJOR.MINOR.PATCH - Optional pre-release suffix allowed (e.g.,
1.0.0-alpha)
Valid Examples:
0.1.01.0.02.3.1-beta
Invalid Examples:
1.0(missing patch)v1.0.0(prefix not allowed)1.0.0.0(too many segments)
3. Permissions
Only the following permissions are allowed:
filesystem(or scoped:filesystem:read,filesystem:write)network(or scoped:network:http,network:https)readwrite
Any other permissions will trigger a violation.
4. Status
Must be one of:
draft- Under developmentactive- Production readydeprecated- Still works but not recommendedarchived- No longer maintained
Usage
Single File Validation
Validate a single skill or agent manifest:
python3 skills/policy.enforce/policy_enforce.py path/to/skill.yaml
Example:
python3 skills/policy.enforce/policy_enforce.py skills/api.define/skill.yaml
Batch Mode
Validate all manifests in skills/ and agents/ directories:
python3 skills/policy.enforce/policy_enforce.py --batch
Or simply run without arguments:
python3 skills/policy.enforce/policy_enforce.py
Strict Mode
Treat warnings as errors (if warnings are implemented in future):
python3 skills/policy.enforce/policy_enforce.py --batch --strict
Output Format
The skill outputs JSON with the following structure:
Single File Success
{
"success": true,
"path": "skills/api.define/skill.yaml",
"manifest_type": "skill",
"violations": [],
"violation_count": 0,
"message": "All policy checks passed"
}
Single File Failure
{
"success": false,
"path": "skills/example/skill.yaml",
"manifest_type": "skill",
"violations": [
{
"field": "name",
"rule": "naming_convention",
"message": "Name contains uppercase letters: 'API.define'. Names must be lowercase.",
"severity": "error"
},
{
"field": "version",
"rule": "semantic_versioning",
"message": "Invalid version: '1.0'. Must follow semantic versioning (e.g., 1.0.0, 0.1.0-alpha)",
"severity": "error"
}
],
"violation_count": 2,
"message": "Found 2 policy violation(s)"
}
Batch Mode
{
"success": true,
"mode": "batch",
"message": "Validated 15 manifest(s): 15 passed, 0 failed",
"total_manifests": 15,
"passed": 15,
"failed": 0,
"results": [
{
"success": true,
"path": "skills/api.define/skill.yaml",
"manifest_type": "skill",
"violations": [],
"violation_count": 0,
"message": "All policy checks passed"
}
]
}
Interpreting Results
Exit Codes
0- All policy checks passed1- One or more policy violations found
Violation Severity
error- Blocking violation that must be fixedwarning- Non-blocking issue (recommended to fix)
Common Violations
Naming Convention Violations:
- Use lowercase:
API.define→api.define - Use dots instead of underscores:
api_define→api.define - Remove spaces:
api define→api.define
Version Violations:
- Add patch version:
1.0→1.0.0 - Remove prefix:
v1.0.0→1.0.0
Permission Violations:
- Use only allowed permissions
- Replace
httpwithnetwork:http - Replace
filewithfilesystem
Status Violations:
- Use lowercase:
Active→active - Use valid values:
production→active
Integration with CI/CD
Add to your CI pipeline to enforce policies on all manifests:
# .github/workflows/policy-check.yml
name: Policy Enforcement
on: [push, pull_request]
jobs:
policy-check:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Run Policy Enforcement
run: |
python3 skills/policy.enforce/policy_enforce.py --batch
Inputs
| Input | Type | Required | Default | Description |
|---|---|---|---|---|
manifest_path | string | No | - | Path to a single manifest file to validate |
--batch | boolean | No | false | Enable batch mode to validate all manifests |
--strict | boolean | No | false | Treat warnings as errors |
Outputs
| Output | Type | Description |
|---|---|---|
success | boolean | Whether all policy checks passed |
violations | array | List of policy violations found |
violation_count | integer | Total number of violations |
message | string | Summary message |
path | string | Path to the validated manifest (single mode) |
manifest_type | string | Type of manifest: "skill" or "agent" (single mode) |
total_manifests | integer | Total number of manifests checked (batch mode) |
passed | integer | Number of manifests that passed (batch mode) |
failed | integer | Number of manifests that failed (batch mode) |
results | array | Individual results for each manifest (batch mode) |
Dependencies
betty.config- Configuration and pathsbetty.validation- Validation utilitiesbetty.logging_utils- Logging infrastructure- PyYAML - YAML parsing
Status
Active - Production ready
Examples
Example 1: Validate a Single Skill
$ python3 skills/policy.enforce/policy_enforce.py skills/api.define/skill.yaml
{
"success": true,
"path": "skills/api.define/skill.yaml",
"manifest_type": "skill",
"violations": [],
"violation_count": 0,
"message": "All policy checks passed"
}
Example 2: Batch Validation
$ python3 skills/policy.enforce/policy_enforce.py --batch
{
"success": true,
"mode": "batch",
"message": "Validated 15 manifest(s): 15 passed, 0 failed",
"total_manifests": 15,
"passed": 15,
"failed": 0,
"results": [...]
}
Example 3: Failed Validation
$ python3 skills/policy.enforce/policy_enforce.py skills/bad-example/skill.yaml
{
"success": false,
"path": "skills/bad-example/skill.yaml",
"manifest_type": "skill",
"violations": [
{
"field": "name",
"rule": "naming_convention",
"message": "Name contains uppercase letters: 'Bad-Example'. Names must be lowercase.",
"severity": "error"
}
],
"violation_count": 1,
"message": "Found 1 policy violation(s)"
}
$ echo $?
1
Future Enhancements
- Custom policy rule definitions via YAML files
- Support for warning-level violations
- Auto-fix capability for common violations
- Policy exemptions and overrides
- Historical violation tracking
Quick Install
/plugin add https://github.com/epieczko/betty/tree/main/policy.enforceCopy and paste this command in Claude Code to install this skill
GitHub 仓库
Related Skills
subagent-driven-development
DevelopmentThis skill executes implementation plans by dispatching a fresh subagent for each independent task, with code review between tasks. It enables fast iteration while maintaining quality gates through this review process. Use it when working on mostly independent tasks within the same session to ensure continuous progress with built-in quality checks.
algorithmic-art
MetaThis Claude Skill creates original algorithmic art using p5.js with seeded randomness and interactive parameters. It generates .md files for algorithmic philosophies, plus .html and .js files for interactive generative art implementations. Use it when developers need to create flow fields, particle systems, or other computational art while avoiding copyright issues.
executing-plans
DesignUse the executing-plans skill when you have a complete implementation plan to execute in controlled batches with review checkpoints. It loads and critically reviews the plan, then executes tasks in small batches (default 3 tasks) while reporting progress between each batch for architect review. This ensures systematic implementation with built-in quality control checkpoints.
cost-optimization
OtherThis Claude Skill helps developers optimize cloud costs through resource rightsizing, tagging strategies, and spending analysis. It provides a framework for reducing cloud expenses and implementing cost governance across AWS, Azure, and GCP. Use it when you need to analyze infrastructure costs, right-size resources, or meet budget constraints.