The Daily Loop
Every working session follows the same four-step loop. Each step has a prerequisite. Skipping steps breaks context — your ticket won’t be linked, your standards won’t be checked, and your PR will go out with unresolved problems.
The flow
flowchart TD
A["/safina:backlog\nPull tickets · pick focus · set session context"]
B["Do the work\nWrite code · write unit tests · commit"]
C["/safina:test\nConformance + correctness · standards · QA readiness"]
D["Fix Errors"]
E["/safina:hunt\nSecurity · CVEs · bugs · regressions · flaky tests"]
F["Remediate"]
G["/safina:update\nPost commit summary · Slack · QA handoff"]
H["Merge / PR"]
A --> B
B --> C
C -->|"Errors"| D
D --> C
C -->|"Clean"| E
E -->|"Errors"| F
F --> E
E -->|"Clean"| G
G --> H
Step-by-step
1. /safina:backlog — every session, first
Pull your assigned tickets from Linear (Tier 1) or GitHub issues (Tier 2). Pick what you’re working on today. The ticket ID you confirm here is the context that /safina:update requires.
What it gates: /safina:update will not post an update without a ticket. If you try to run it without knowing your ticket, it stops and sends you back here.
2. Do the work — and write tests
Write code. As you work, write the unit tests that cover what you’re building. This is not optional — /safina:test checks for test coverage before running standards checks, and flags missing tests as a Error.
What it gates: /safina:test scans for test files covering the changed code before doing anything else. No tests → Error → you write tests first.
3. /safina:test — before merging
Reads the diff against Ilmiya’s skills docs and checks:
- Standards: API design, resource naming, error design, naming conventions, observability
- Correctness: does the implementation do what it claims?
- Test coverage: are critical paths covered and are assertions real?
- Commit convention: do commits follow the Ilmiya format?
Produces a report: Errors (must fix) / Patches (should fix) / Notices (worth knowing).
Fix all Errors before moving forward.
4. /safina:hunt — before any PR or merge
Goes on the offensive. Hunts for what a developer wouldn’t catch in normal review:
- Security vulnerabilities (OWASP Top 10, auth bypass, injection, exposed secrets)
- Dependency CVEs and version mismatches
- Hidden bugs: null dereferences, unchecked errors, race conditions
- Regressions in existing behaviour
- Flaky test patterns
- Data integrity gaps and multi-tenancy risks
What it gates: /safina:update will not apply a QA-ready or PR-ready flag if hunt hasn’t been run or if Errors remain unresolved.
5. /safina:update — after committing work
Reads your recent git commits, links them to the right ticket, and posts a smart summary comment. Notifies Slack. Optionally flags the ticket as QA-ready and pings Adnan.
Requires:
- A ticket in context (from
/safina:backlog) /safina:huntrun and Errors remediated (for QA or PR handoffs)
The report format
All three analysis commands (test, hunt) use the same three-tier severity:
| Tier | Meaning |
|---|---|
| Error | Hard standard broken or critical vulnerability — must be fixed |
| Patch | Quality gap or serious bug — should be fixed |
| Notice | Worth knowing, informational — not blocking |
Only Errors block the loop. Patches and Notices are surfaced for awareness but don’t stop you from moving forward.
When to use Claude’s built-in commands
The ilmiya commands manage the backlog and quality loop. Claude’s built-ins complement them for the thinking and creation work in between:
| Claude built-in | When to use it |
|---|---|
/plan | Planning a new feature or breaking down a ticket |
/review | Ad-hoc code review mid-work (less formal than /safina:test) |
See Claude’s commands for the full picture.