Doubt Driven Development
v1.0.0
Stress-test high-risk changes with fresh-context skepticism before implementation or release. Use when work involves production, permissions, security controls, public packages, data deletion or migration, billing, credentials handling, irreversible operations, CI failures that are hard to explain, or any task where a confident but wrong agent answer would be costly.
Use this skill to slow down only where being wrong is expensive. The goal is not pessimism; the goal is to make the riskiest assumption visible and testable.
Workflow
Name the claim
Write the proposed change or decision as one falsifiable sentence. Example: Publishing this skill version is safe because validation and CI cover the release surface.
List failure modes
What would make the claim false? Include behavior, tests, release metadata, permissions, secrets handling, and rollback paths.
Seek disconfirming evidence
Read the smallest relevant code, docs, config, logs, CI output, and release artifacts. Prefer direct evidence over confidence, memory, or broad statements.
Force a safer alternative
If evidence is weak, choose a smaller change, add a check, or stop for user decision. Do not proceed by relying on trust in the agent's prior answer.
Decide
proceed: evidence supports the claim and verification passed.
patch first: fix a concrete gap before shipping.
stop: risk is unresolved or requires user judgment.
Fresh-Context Review
Use an isolated review pass when the blast radius is high and the runtime supports it. The reviewer should receive the artifact and task, not your intended conclusion.
Good review prompt shape:
Review this change for release-blocking correctness, test, and security issues. Focus on concrete defects and cite files or commands.
Avoid prompts that disclose the expected answer or ask the reviewer to validate your plan.
Risk Signals
Escalate scrutiny when you see:
Broad permissions or sandbox changes.
Network publishing, package release, or public registry updates.
Handling of tokens, private user data, or local credential stores.
Destructive file, database, cloud, or infrastructure commands.
Large generated diffs with little reviewable structure.
CI failures that were fixed by retrying without root cause.
Claims like "obviously safe", "only docs", or "no tests needed" on release paths.
Sandbox Review Posture
For Codex sandbox, approval, and policy work, treat review as a boundary check, not a permission grant. Auto-review can decide whether a boundary-crossing action should run, but it does not expand writable roots, enable network access, or weaken protected paths.
When mundane work keeps needing approval, prefer a narrower boundary fix such as a specific writable root or exact command prefix. Do not solve noisy review traffic by making broad rules that remove the boundary being reviewed.
Output Template
Claim:
Main risk:
Evidence checked:
Decision: proceed | patch first | stop
Reason:
Keep the output terse. If the decision is patch first or stop, name the next concrete action.