publish-safelisted

Five mechanical gates for any content publish pipeline with CMS + rendering layers. Prevents false security: 'API returned 200' does not mean 'visitor sees clean content'. Use when writing content to a multi-layer serving system (CMS API, static files, prerendered HTML, cached copies).
GrazianoGuiducci/d-nd-seed · ★ 1 · AI & Automation · score 71

Install: claude install-skill GrazianoGuiducci/d-nd-seed

# Publish Safe — Five-gate pattern > A publish operation is not atomic. Content traverses layers, and each layer > can silently fail to update. This skill enforces mechanical checks so the > operator does not rely on a single measurement to declare success. ## The anti-pattern this prevents "HTTP 200 = clean" — but HTTP 200 only confirms the API accepted the write. It says nothing about: - whether input had encoding artifacts that got propagated - whether internal links in the content point to valid destinations - whether the file actually reached the serving layer - whether cached/prerendered copies got invalidated - whether the visitor sees new content or stale HTML Each of these is a separate layer. Each layer can fail independently. A gate-less publish has a combinatorial false-positive space. ## The five gates (mechanical, sequential, fail-fast) ### Gate 1 — SANITIZE (pre-write input normalization) Normalize known encoding artifacts before the write. Common sources: - UTF-8 double-encoded through latin-1 (curly quotes appear as `â€œ`, arrows as `â†'`) - Copy-paste from rich text producing mixed codepoints - Platform-specific substitutions (cp1252 em-dash, smart apostrophes) Maintain a `MOJIBAKE_MAP` table ordered **long-first** (longer patterns before their prefixes — otherwise short-match eats part of long sequences). **Scope — which fields to scan:** scan every field that ends up rendered to a consumer, not just the primary content body. Pages typically carry: