Problem
The skills/devops-engineer/SKILL.md workflow includes a Deploy step, and the constraints section says not to deploy to production without explicit approval. However, the workflow does not place an explicit approval gate before deployment.
Impact
The skill's safety constraint is not operationalized in the action sequence. An agent could follow the workflow through validation into rollout without stopping for production approval.
Suggested fix
Insert a deployment gate before rollout:
- Determine the target environment.
- If the target is production or customer-facing, show the deployment summary, rollback command, and validation plan.
- Require explicit user approval before running deployment commands.
- If approval is absent, stop with a blocked verdict.
Problem
The
skills/devops-engineer/SKILL.mdworkflow includes aDeploystep, and the constraints section says not to deploy to production without explicit approval. However, the workflow does not place an explicit approval gate before deployment.Impact
The skill's safety constraint is not operationalized in the action sequence. An agent could follow the workflow through validation into rollout without stopping for production approval.
Suggested fix
Insert a deployment gate before rollout: