What is a Quality Gate in the PRISM framework?

A Quality Gate is a deterministic decision—PASS, CONCERNS, FAIL, or WAIVED—based on risk assessment, test coverage gaps, issue severity, and adherence to non-functional requirements.

Can this skill modify my source code directly?

Yes, the review-story skill has the authority to perform active refactoring to improve maintainability and standards compliance, provided all changes are documented in the QA Results section.

Where does the skill store its findings?

Findings are appended to the 'QA Results' section of the original story file and exported as a structured YAML gate file to the designated QA directory.

What criteria are used for a PASS decision?

A PASS requires all critical requirements to be met, no high-severity issues, no security or data-loss test gaps, and all Non-Functional Requirement (NFR) statuses to be satisfactory.

How does the skill determine the depth of a review?

It uses an automated risk assessment that triggers a deep review if it detects security-sensitive changes (auth/payments), large diffs (over 500 lines), or stories with high complexity (over 5 acceptance criteria).

PRISM Story Review & Quality Gate

Name: PRISM Story Review & Quality Gate
Author: resolve-io

byresolve-io

•

安全与测试

Performs comprehensive test architecture reviews and quality gate assessments to ensure software resilience and maintainability.

关于

The review-story skill is a specialized AI agent within the PRISM framework designed to automate the transition of development stories from 'Review' to 'Done'. It executes an adaptive, risk-aware review process that evaluates code quality, requirements traceability, and test architecture. By generating deterministic PASS/FAIL decisions and detailed quality gate documentation, this skill helps engineering teams maintain high standards of software durability and security while actively identifying and reducing technical debt through integrated refactoring.

主要功能

Adaptive risk assessment that scales review depth based on code complexity and security impact
1 GitHub stars
Active refactoring capabilities to improve code clarity and adherence to design patterns
Comprehensive validation of Non-Functional Requirements (NFRs) including security, performance, and reliability
Automated requirements traceability mapping acceptance criteria to specific validating tests
Deterministic quality gate generation with standardized quality scoring and logic-based decisions

使用场景

Finalizing development stories by performing a formal QA review and quality gate sign-off
Ensuring project-wide compliance with internal coding standards and unified project structures
Automating the identification of technical debt and missing test coverage in complex pull requests

关于

主要功能

Adaptive risk assessment that scales review depth based on code complexity and security impact
1 GitHub stars
Active refactoring capabilities to improve code clarity and adherence to design patterns
Comprehensive validation of Non-Functional Requirements (NFRs) including security, performance, and reliability
Automated requirements traceability mapping acceptance criteria to specific validating tests
Deterministic quality gate generation with standardized quality scoring and logic-based decisions

使用场景

Finalizing development stories by performing a formal QA review and quality gate sign-off
Ensuring project-wide compliance with internal coding standards and unified project structures
Automating the identification of technical debt and missing test coverage in complex pull requests