Skill-first rule now has two halves: route the request to a doing-skill, then gate the result with the matching check-skill before 'done' -- inferred from the request, not user-named. Adds .claude/SKILL_ROUTING.md (on-demand request->doing-skill->check-skill map). Enforcement tier A+B (CORE rule + map; Stop-hook backstop deferred). Calibrate to stakes, Ollama Tier-0 for cheap passes. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
5.1 KiB
Skill Routing Map
On-demand reference for the CORE Skill-first + Definition of Done rules (
.claude/CLAUDE.md). Read this when a request maps to a skill, or when work nears "done" and needs its check-skill. You infer the right skills from the request + expected end result — the user should NOT have to name them. Calibrate to stakes (a typo fix needs no full review) and use Ollama Tier-0 for the cheap classify/prose passes so this stays low-token.
How to use this (every substantive request)
- Route the action → pick the doing-skill for what's being asked (tables below).
- Do the work through that skill (not hand-rolled API).
- Gate the result → before saying "done," run the check-skill(s) matching the work-type.
- Only declare done after the gate passes. If you skip a gate for stakes reasons, say so.
Doing-skills (request → the skill that DOES it)
| Request signal | Skill |
|---|---|
| Ticketing, billing, invoicing, customers, scheduling, appointments | /syncro (after-hours/emergency billing → /syncro-emergency-billing). Autotask ONLY on an explicit "in Autotask" request. |
| Any credential — read/store/rotate a secret, API key, password, token, SSH key | vault |
| Run a command / investigate / script on an RMM agent | /rmm (find the host first with rmm-search) |
| M365 investigation/remediation, breach check, mailbox/inbox-rule/forwarding audit, tenant sweep | remediation-tool |
| Onboard a new M365 tenant to the remediation app suite | onboard365 |
| Backblaze / B2 storage, buckets, backup storage cost | b2 |
| Bitdefender / GravityZone AV — endpoints, sweeps, policies, quarantine, EDR | bitdefender |
| Datto EDR / Datto AV — detections, isolate, scan, agent deploy | datto-edr |
| VoIP — PacketDial / OITVOIP / NetSapiens domains, users, DIDs, queues, CDRs | packetdial |
| Email security — Mailprotector/CloudFilter held/quarantined mail, allow/block rules | mailprotector |
| ScreenConnect / CW Control sessions, access installer, backstage command | screenconnect |
| Synology NAS | synology |
| Yealink phone device management | yealink-ymcs |
| UniFi WiFi tuning / RF / channel analysis | unifi-wifi |
| Map/repoint a Windows network drive on a remote endpoint | drive-map |
| Send someone a Discord DM / copy-paste-friendly link or command | discord-dm |
| Inter-session messaging, fleet todos, resource locks, coord status | coord |
| Git / Gitea / submodules / sync health | gitea (or /sync, /scc, /save for session ops) |
| Build/verify GuruRMM agent/server/dashboard, pre-merge check | gururmm-build |
| Capture an RMM feature idea | /feature-request; GuruConnect feature → gc-feature-request |
| Compile session logs/Syncro into wiki | /wiki-compile |
| Create a new skill or slash command | skill-creator |
| Independent 2nd opinion / adversarial verify | grok (xAI) or agy (Gemini) |
| Image/video gen, live web/X search past cutoff | grok |
| Deep multi-source researched report | deep-research |
Not listed? If no skill fits, do it directly — and say so. New recurring need →
skill-creator.
Check-skills (work-type → the gate run BEFORE "done")
Code changes (any edit to source):
/code-review— correctness/bugs./simplify— reuse/cleanup. Scale to stakes./security-review— REQUIRED when the change touches auth, credentials, security, or production risk.test-driven-development— when implementing a feature/bugfix (test first)./verifyorrun— confirm real behavior, not just tests.rust-skills— Rust.inject-standards— apply project coding standards.human-flow/impeccable— interactive UI.- GuruRMM specifically:
gururmm-buildverify before merge-to-main (merge IS the deploy).
Outbound / client-facing (anything sent to a client or vendor — Syncro comment, email, DM, doc):
impeccable— polish + correctness before it leaves (standing rule).stop-slop— strip AI-slop tone.- Internal-only drafts are exempt.
Syncro / vendor actions:
- The skill's own preview + explicit-confirm gate is the check — show the full payload, wait for yes, then post. Never post-then-report. (Syncro: no API edit/delete after the fact.)
Docs / wiki / memory writes:
- Wiki articles →
wiki-lint. Memory store edits →memory-dreamchecks (index/backlinks/dupes).
Stakes calibration (don't burn tokens)
- Trivial/mechanical (typo, comment, rename, one-line doc) → skip the heavy review; a quick self-check is enough. Say you skipped and why.
- Normal change → the standard gate above.
- Security / auth / credential / migration / production / data-loss / outbound-to-client → full gate, bump model one tier, never skip.
- Push the cheap parts (classify which skills apply, prose/tone passes) to Ollama Tier-0; reserve inherited/opus for the actual judgment.
See also: .claude/CLAUDE_EXTENDED.md (full workflow detail), memories [[feedback_skill_first_routing]], [[feedback_impeccable_on_outbound]], [[feedback_syncro_preview_mandatory]], [[feedback_calibrate_effort_to_stakes]].