Skip to content

feat: add LaunchDarkly feature-flag guidance to engineer and tech-lead plugins#158

Open
withinfocus wants to merge 3 commits into
mainfrom
feat/launchdarkly-feature-flag-guidance
Open

feat: add LaunchDarkly feature-flag guidance to engineer and tech-lead plugins#158
withinfocus wants to merge 3 commits into
mainfrom
feat/launchdarkly-feature-flag-guidance

Conversation

@withinfocus

@withinfocus withinfocus commented Jul 6, 2026

Copy link
Copy Markdown
Contributor

🎟️ Tracking

Advances ARCH-43: Feature flag lifecycle management. This PR delivers part of that initiative's standards-and-guidance work at the plugin layer.

📔 Objective

Ground the software-engineer and tech-lead agents in how Bitwarden actually uses feature flags, and wire in LaunchDarkly's optional ai-tooling plugin so its skills get used when they're installed.

bitwarden-software-engineer → 1.1.0

  • Feature-flag conventions from the contributing docs: server-side .NET reads flags through the core Bitwarden.Server.Sdk.Features package (IFeatureService, FeatureFlagKeys, [RequireFeature]) instead of a hand-rolled abstraction or the raw LaunchDarkly SDK. Clients are simple consumers that read flag state from the server's /config endpoint.
  • Two discipline rules: one flag per independently releasable feature, and a split between release flags and operational flags (kill switches can be permanent, so they aren't cleanup candidates).
  • The optional launchdarkly plugin covers the flag lifecycle (flag-discovery/flag-command, flag-create, flag-targeting, flag-cleanup). Creating the flag is a manual tech-lead or manager step today; flag-create can automate it over MCP, but only after confirming with whoever owns the flag.

bitwarden-tech-lead → 2.4.0

  • architecting-solutions gains a "Feature-flag new work by default" principle (decide placement up front, one flag per feature, default off, gradual rollout instead of a binary flip, release vs operational) plus a Red Flag for feature work that ships without a flag when one is warranted.
  • The optional launchdarkly plugin covers the release-strategy side (guarded-rollout, experiment-setup, metric-choose/metric-create). It's an explicit exception to the plugin's "all cross-plugin skills required" rule, so the agent still works when it isn't installed.

Both plugins gate their LaunchDarkly guidance on the plugin being installed and its hosted MCP server being configured (install link included). Version bumps and changelog entries are part of the PR, and rollout/rollouts are added to the cspell dictionary.

…d plugins

Ground both agents in Bitwarden's feature-flag practice and wire in the
optional LaunchDarkly plugin.

bitwarden-software-engineer (1.1.0):
- Feature-flag conventions per contributing docs: server-side .NET uses
  Bitwarden.Server.Sdk.Features (IFeatureService, FeatureFlagKeys,
  [RequireFeature]); clients consume flag state from the /config endpoint.
- Discipline rules: one flag per independently-releasable feature;
  release-vs-operational (kill switches may be permanent).
- Optional launchdarkly plugin for the flag lifecycle (discovery, create,
  targeting, cleanup); flag-create can automate the currently-manual
  LaunchDarkly-side creation, gated on confirming with the flag owner.

bitwarden-tech-lead (2.4.0):
- architecting-solutions: "Feature-flag new work by default" principle
  (placement, one-flag-per-feature, default off, gradual rollout,
  release-vs-operational) plus a matching Red Flag.
- Optional launchdarkly plugin for the release-strategy side (guarded
  rollout, experiment/metric setup), carved out as an explicit exception
  to the "all cross-plugin skills required" contract.

Adds rollout/rollouts to the cspell dictionary.
@github-actions

github-actions Bot commented Jul 6, 2026

Copy link
Copy Markdown

Plugin Validation Summary — PR #158

Result: ✅ All checks passed. No critical, major, or minor errors found. Two optional (warning-level) suggestions are noted below.

Validated 2 changed plugins across 9 files using the plugin-validator and skill-reviewer agents (plugin-dev) and the reviewing-claude-config skill (claude-config-validator).

Plugin Version Checks
bitwarden-software-engineer 1.1.0 ✅ Pass
bitwarden-tech-lead 2.4.0 ✅ Pass

1. Plugin Structure Validation (plugin-validator)

bitwarden-software-engineer — PASS

  • plugin.json: valid JSON; name matches directory; version 1.1.0 valid semver; description and all optional fields well-formed; agents./agents/AGENT.md.
  • agents/AGENT.md: name (28 chars, lowercase-hyphen) valid; four well-formed <example> blocks; model: opus valid; color: blue valid; tools: Read, Write, Edit, Bash, Glob, Grep, Skill all valid; system prompt substantial (>20 chars).
  • CHANGELOG.md: Keep a Changelog format; top entry ## [1.1.0] - 2026-07-06 matches plugin.json and marketplace.json; ### Added category correct.
  • README present. No hooks/MCP config. No hardcoded credentials.

bitwarden-tech-lead — PASS

  • plugin.json: valid JSON; name matches directory; version 2.4.0 valid semver; fields well-formed; agents./agents/AGENT.md.
  • agents/AGENT.md: name (19 chars) valid; four well-formed <example> blocks; model: opus valid; color: cyan valid; tools: Read, Write, Glob, Grep, Skill all valid (no Bash — appropriate for a planning role); optional skills: list references two existing skill directories; system prompt substantial.
  • skills/architecting-solutions/SKILL.md: frontmatter has valid name + description; allowed-tools lists Skill + read-only Atlassian MCP tools (naming convention consistent with 17 other repo files).
  • CHANGELOG.md: Keep a Changelog format; top entry ## [2.4.0] - 2026-07-06 matches plugin.json and marketplace.json; ### Added category correct.
  • README present. No hooks/MCP config. No hardcoded credentials.

Version consistency confirmed across CHANGELOG ↔ plugin.json ↔ marketplace.json for both plugins.


2. Skill Review (skill-reviewer)

bitwarden-tech-lead/skills/architecting-solutions/SKILL.md — PASS

  • Frontmatter valid; both required fields present.
  • Description in correct third-person/imperative form with specific trigger phrases (~480 chars, within range).
  • Body word count 1,491 (within the 1,000–3,000 target).
  • Consistent imperative/infinitive writing style; the PR's new "Feature-flag new work by default" principle (lines 36–42) and matching Red Flag (line 91) are cleanly integrated and correctly placed under "Bitwarden-Specific Principles".
  • Progressive disclosure appropriate: a principles/decision-framework skill with no code — absence of references//examples/ is correct, not a defect.
  • All Skill() and external references resolve to real targets.

Warnings (optional, not blocking):

  • SKILL.md:3 — The PR added a substantial feature-flag topic but no matching trigger phrase in the description. Consider adding e.g. "deciding whether work needs a feature flag" so flag-oriented queries route here reliably.
  • SKILL.md:62, 82Skill(navigating-the-initiative-funnel) references a skill in the sibling bitwarden-delivery-tools plugin. Pre-existing (not introduced by this PR); works only when delivery-tools is also installed. Worth confirming the plugins are intended to ship together.

3. Security Validation (reviewing-claude-config)

No security issues found.

  • Committed settings: no settings.local.json or settings.json among changed files.
  • Secrets/credentials: none. Matches for tokens/secrets/password are contextual prose (org-scoped tokens, the detecting-secrets skill name, "Bitwarden is a password manager").
  • URLs: all HTTPS and legitimate (LaunchDarkly MCP install link, contributing.bitwarden.com, github.com/bitwarden, Atlassian wiki); no embedded credentials.
  • Permission scoping: agent tools: fields appropriately scoped (Bash only on the implementer agent, not the planning agent); SKILL.md allowed-tools limited to Skill + read-only Atlassian MCP tools — no write/destructive tooling.
  • Dangerous auto-approvals / broad file access: none.

Conclusion

Both plugins are structurally sound, correctly versioned, changelogged, and free of security concerns. No must-fix items. The two warnings above are optional polish and do not block the PR.

@withinfocus withinfocus added the ai-review Request a Claude code review label Jul 6, 2026
@github-actions

github-actions Bot commented Jul 6, 2026

Copy link
Copy Markdown

🤖 Bitwarden Claude Code Review

Overall Assessment: APPROVE

Reviewed the LaunchDarkly feature-flag guidance added to the bitwarden-software-engineer (1.0.0 → 1.1.0) and bitwarden-tech-lead (2.3.2 → 2.4.0) plugins. Changes are documentation and agent-guidance only — no code, dependencies, or credentials. Version bumps are correctly applied across marketplace.json, each plugin's plugin.json, and the root README table, with matching Keep-a-Changelog entries dated 2026-07-06. The optional-plugin exception for launchdarkly is carved out consistently in both the README and AGENT.md, so both agents degrade gracefully when the plugin is absent.

Code Review Details

No blocking or actionable findings.

  • MINOR version bumps match the additive, backward-compatible nature of the guidance changes.
  • cspell dictionary additions (rollout, rollouts) cover the new terms.
  • Server-side vs client-side flag guidance and the release-vs-operational distinction are internally consistent between the engineer AGENT.md, tech-lead AGENT.md, and architecting-solutions SKILL.md.

…tions

- Break the dense feature-flag principle into a nested sub-list for scannability.
- Trim the "always used for new work" clause repeated in the Red Flag.

No behavior change; refines guidance added earlier in this PR.
The SDK/evaluation detail (Bitwarden.Server.Sdk.Features, IFeatureService,
/config) is behavioral guidance that belongs in AGENT.md, where it already
lives. Other cross-plugin integrations carry only a table row, not a prose
paragraph; this drops the duplicated block. The launchdarkly row in the
cross-plugin table still covers the integration at README altitude.
@withinfocus withinfocus marked this pull request as ready for review July 6, 2026 18:27
@withinfocus withinfocus requested a review from a team as a code owner July 6, 2026 18:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

ai-review Request a Claude code review

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant