Clean Code Standard — Quick Reference

This skill is the authoritative clean code standard for this repository's shared skills. It defines stable rule IDs (

CC-*

), how to apply them in reviews, and how to extend them safely via language overlays and explicit exceptions.

Modern Best Practices (January 2026): Prefer small, reviewable changes and durable change context (https://google.github.io/eng-practices/review/developer/small-cls.html, https://google.github.io/eng-practices/review/developer/cl-descriptions.html). Use normative language consistently (RFC 2119: https://www.rfc-editor.org/rfc/rfc2119). Treat security-by-design and secure defaults as baseline (OWASP Top 10: https://owasp.org/www-project-top-ten/, NIST SSDF SP 800-218: https://csrc.nist.gov/pubs/sp/800/218/final). Build observable systems (OpenTelemetry: https://opentelemetry.io/docs/). For current tool choices, consult

data/sources.json

Quick Reference

Task	Tool/Framework	Command	When to Use
Cite a standard	`CC-*` rule ID	N/A	PR review comments, design discussions, postmortems
Categorize feedback	`CC-NAM` , `CC-ERR` , `CC-SEC` , etc.	N/A	Keep feedback consistent without "style wars"
Add stack nuance	Language overlay	N/A	When the base rule is too generic for a language/framework
Allow an exception	Waiver record	N/A	When a rule must be violated with explicit risk
Reuse shared checklists	`assets/checklists/`	N/A	When you need product-agnostic review/release checklists
Reuse utility patterns	`utilities/`	N/A	When extracting shared auth/logging/errors/resilience/testing utilities

When to Use This Skill

Defining or enforcing clean code rules across teams and languages.
Reviewing code: cite
```
CC-*
```
IDs and avoid restating standards in reviews.
Building automation: map linters/CI gates to
```
CC-*
```
IDs.
Resolving recurring review debates: align on rule IDs, scope, and exceptions.

When NOT to Use This Skill

Deep security audits: Use software-security-appsec for OWASP/SAST deep dives beyond
```
CC-SEC-*
```
baseline.
Review workflow mechanics: Use software-code-review for PR workflow, reviewer assignment, and feedback patterns.
Refactoring execution: Use qa-refactoring for step-by-step refactoring patterns and quality gates.
Architecture decisions: Use software-architecture-design for system-level tradeoffs beyond code-level rules.

Decision Tree: Base Rule vs Overlay vs Exception

text

Feedback needed: [What kind of guidance is this?]
    ├─ Universal, cross-language rule? → Add/modify `CC-*` in `references/clean-code-standard.md`
    │
    ├─ Language/framework-specific nuance? → Add overlay entry referencing existing `CC-*`
    │
    └─ One-off constraint or temporary tradeoff?
        ├─ Timeboxed? → Add waiver with expiry + tracking issue
        └─ Permanent? → Propose a new rule or revise scope/exception criteria

Navigation

Resources

references/clean-code-standard.md
references/code-quality-operational-playbook.md — Legacy operational playbook (RULE-01–RULE-13)
references/clean-code-operational-checklist.md
references/clean-coder-operational-checklist.md
references/code-complete-operational-checklist.md
references/pragmatic-programmer-operational-checklist.md
references/practice-of-programming-operational-checklist.md
references/working-effectively-with-legacy-code-operational-checklist.md
references/art-of-clean-code-operational-checklist.md
references/refactoring-operational-checklist.md
references/design-patterns-operational-checklist.md
data/sources.json — Durable external references for review, security-by-design, and observability
CONVENTIONS.md — Skill structure and validation conventions
SKILL-TEMPLATE.md — Copy-paste starter for new skills
sources-schema.json — JSON schema for
```
data/sources.json
```
skill-dependencies.json — Related-skills dependency graph

Templates

assets/checklists/backend-api-review-checklist.md
assets/checklists/secure-code-review-checklist.md
assets/checklists/frontend-performance-a11y-checklist.md
assets/checklists/mobile-release-checklist.md
assets/checklists/ux-design-review-checklist.md
assets/checklists/ux-research-plan-template.md

Utilities

utilities/README.md
utilities/auth-utilities.md
utilities/error-handling.md
utilities/config-validation.md
utilities/resilience-utilities.md
utilities/logging-utilities.md
utilities/observability-utilities.md
utilities/testing-utilities.md
utilities/llm-utilities.md

Related Skills

../software-code-review/SKILL.md — Review workflow and judgment; cite
```
CC-*
```
IDs
../software-security-appsec/SKILL.md — Security deep dives beyond baseline
```
CC-SEC-*
```
../qa-refactoring/SKILL.md — Refactoring execution patterns and quality gates
../software-architecture-design/SKILL.md — System-level tradeoffs and boundaries

Optional: AI/Automation

Map automation findings to
```
CC-*
```
IDs (linters, SAST, dependency scanning) so humans can review impact, not tooling noise.
Keep AI-assisted suggestions advisory; human reviewers approve/deny with rule citations (https://conventionalcomments.org/).

Trend Awareness Protocol

IMPORTANT: When users ask recommendation questions about clean code standards, linters, or code quality tools, you MUST use a web search capability (if available) to check current trends before answering. If web search is unavailable, say so and answer using

data/sources.json

, clearly flagging that the recommendation may be stale.

Trigger Conditions

"What's the best linter for [language]?"
"What should I use for [code quality/static analysis]?"
"What's the latest in clean code practices?"
"Current best practices for [code standards/formatting]?"
"Is [ESLint/Prettier/Biome] still relevant in 2026?"
"[Biome] vs [ESLint] vs [other]?"
"Best static analysis tool for [language]?"

Required Searches

Search:
```
"clean code best practices 2026"
```

Search:

"[specific linter] vs alternatives 2026"

Search:
```
"code quality tools trends 2026"
```
Search:
```
"[language] linter comparison 2026"
```

What to Report

After searching, provide:

Current landscape: What linters/formatters are popular NOW
Emerging trends: New tools, standards, or patterns gaining traction
Deprecated/declining: Tools/approaches losing relevance or support
Recommendation: Based on fresh data, not just static knowledge

Example Topics (verify with fresh search)

JavaScript/TypeScript linters (ESLint, Biome, oxlint)
Formatters (Prettier, dprint, Biome)
Python quality (Ruff, mypy, pylint)
Go linting (golangci-lint, staticcheck)
Rust analysis (clippy, cargo-deny)
Code quality metrics and reporting tools
AI-assisted code review tools

software-clean-code-standard

NPX Install

Tags

SKILL.md Content