How to install flows-external-app-submit
npx skills add https://github.com/cognitedata/builder-skills --skill flows-external-app-submitFull instructions (SKILL.md)
Source of truth, from cognitedata/builder-skills.
name: flows-external-app-submit
description: >-
Final gate of the Flows app certification flow for external submission.
Verifies that flows-app-brief, flows-code-review, and flows-design-review have
all been run and are in a passing state (App-Brief.md complete, 0 Must Fix in
latest code review, design average ≥ 3.8), then runs
npx @cognite/cli apps submit to zip the repo and pre-populate the submission
form. Use when the user asks to submit a Flows app for certification, run
flows-external-app-submit, or finalize an app for external review.
allowed-tools: Read, Glob, Grep, Bash, AskQuestion, Write
Flows External App Submit
This is step 4 (final) of the Flows app certification flow:
flows-app-brief → build → flows-code-review → flows-design-review → flows-external-app-submit (this skill)
This skill does not rerun any review. It verifies the artifacts from the prior three steps and only then invokes the CLI submit command.
Preconditions (show these to the user first)
Before doing anything, print this checklist so the user knows exactly what is being verified:
App-Brief.mdexists at repo root and all required frontmatter fields are populated.- The latest
reviews/code-review/feedback-round-<N>/code-review-report.mdis committed to git and reportsMust Fix open: 0. - The latest
reviews/design-review/feedback-round-<N>/design-review-report.mdis committed to git and reportsAverage score: X.Xwith X.X ≥ 3.8. - Certification artifacts are committed —
apps submitusesgit archive HEADand silently excludes uncommitted files. - A deploy bundle exists in
.cognite-bundles/and is not older than HEAD.
Step 0 — Air-hatch preflight (offer stubs if reviews are missing)
App-Brief.md is non-negotiable — it captures the value case the certification reviewer reads first. The code and design reviews, however, can be air-hatched with a clear "SKIPPED" status that the reviewer will see and act on. Use this when the user wants to submit without spending the 20+ minutes each review takes.
Probe for each review artifact via git ls-files:
git ls-files 'reviews/code-review/' | grep -q 'code-review-report.md' && echo code_present || echo code_missing
git ls-files 'reviews/design-review/' | grep -q 'design-review-report.md' && echo design_present || echo design_missing
- Both reports present → skip Step 0, continue at Step 1.
App-Brief.mdmissing → continue to Step 1, which fails with the standard "Runflows-app-brieffirst" message. The air-hatch does not cover App-Brief.- Either review missing → offer the air-hatch via
AskQuestion:
"Review artifacts missing: <list which>. Choose:
- Run real reviews — exit here; user runs
flows-code-review/flows-design-reviewfirst (~20 min each). Recommended for first-time submissions.- Quick submit (stubs) — write SKIPPED stub reports for the missing reviews. The Cognite certification reviewer will see the SKIPPED status and request real reviews before approval, but you can submit now.
- Cancel — stop without doing anything."
On Run real reviews: print the next-step command (flows-code-review and/or flows-design-review) and exit.
On Cancel: exit.
On Quick submit: for each missing review, write the stub using the templates in "Stub templates" at the end of this skill:
reviews/code-review/feedback-round-0/code-review-report.mdreviews/design-review/feedback-round-0/design-review-report.md
Round 0 is intentional — real review skills start at feedback-round-1. When the user later runs a real review, sort -V | tail -1 picks the higher round number, so the stub is automatically superseded without manual cleanup.
After writing the stubs, tell the user:
"Stub reports written. Commit them along with
App-Brief.md, then re-run this skill:git add App-Brief.md reviews/ git commit -m 'chore: certification artifacts (reviews skipped)'"
Exit. The user re-runs the skill after committing.
Step 1 — Verify App-Brief.md
test -f App-Brief.md
If missing → fail with: "Run flows-app-brief first to create the App-Brief.md."
Parse the YAML frontmatter (the block between the first --- and the next --- at the top of the file). Required keys that must be present and non-empty:
appNamecustomertierowneruserRolecurrentProblemoneSentenceStorysuccessCriteriauserEvidence
If any are missing or empty → fail with the list of missing fields and: "Re-run flows-app-brief to complete the brief."
Optional (not blocking): userCount, businessValue, milestones, repoUrl.
Step 2 — Verify code review
Find the latest committed round report:
git ls-files 'reviews/code-review/' | grep 'code-review-report.md' | sort -V | tail -1
If no result → fail with: "Run flows-code-review first, then commit the artifacts."
Parse the Summary block from that code-review-report.md.
If the Summary block contains a line matching ^- Status: SKIPPED$ → mark this check as SKIPPED (not PASS, not FAIL) and skip the numeric check. The stub came from the Step 0 air-hatch; the reviewer will see the SKIPPED status.
Otherwise, it must contain a line matching this exact regex:
^- Must Fix open: (\d+)$
If the integer is 0 → pass. Otherwise → fail with: "Open Must Fix items remain in the latest code-review-report.md. Re-run flows-code-review until Must Fix open: 0."
If neither the Status nor the Must Fix line is present → fail with: "Latest code review report is missing the Summary block. Re-run flows-code-review."
Step 3 — Verify design review
Find the latest committed round report:
git ls-files 'reviews/design-review/' | grep 'design-review-report.md' | sort -V | tail -1
If no result → fail with: "Run flows-design-review first, then commit the artifacts."
Parse the Summary block from that design-review-report.md.
If the Summary block contains a line matching ^- Status: SKIPPED$ → mark this check as SKIPPED (not PASS, not FAIL) and skip the numeric check. The stub came from the Step 0 air-hatch; the reviewer will see the SKIPPED status.
Otherwise, it must contain a line matching:
^- Average score: (\d+(?:\.\d+)?)$
If the number is ≥ 3.8 → pass. Otherwise → fail with: "Design review average is below the launch threshold (3.8). Address the Must Fix and Should Fix items in the latest design-review-report.md and re-run flows-design-review in a new feedback round."
Step 4 — Verify certification artifacts are committed
apps submit uses git archive HEAD — uncommitted files are silently excluded from the source archive. Check that the three certification artifacts are tracked:
git ls-files --error-unmatch App-Brief.md 2>/dev/null
git ls-files --error-unmatch "<latest-code-review-report-path>" 2>/dev/null
git ls-files --error-unmatch "<latest-design-review-report-path>" 2>/dev/null
If any of these files is not committed → BLOCK with:
"The following certification files are not committed to git.
apps submitusesgit archive HEADand will silently omit them from the source archive — the reviewer will not see them.\n\nPlease run:\n git add <missing files>\n git commit -m 'chore: add certification artifacts'\n\nThen re-run this skill."
If all certification artifacts are committed but there are other uncommitted changes in the working tree → WARN (do not block):
"You have uncommitted changes outside the certification artifacts.
apps submitusesgit archive HEAD— those changes will not appear in the submitted source archive. If they should be part of certification, commit them first."
Step 5 — Verify deploy bundle
ls .cognite-bundles/*.zip 2>/dev/null | head -1
If no bundle exists → WARN (do not block): "No deploy bundle found in .cognite-bundles/. Run npx @cognite/cli apps deploy first so the submitted source archive and deployed bundle come from the same code."
If a bundle exists, check whether it pre-dates HEAD:
bundle=$(ls -1t .cognite-bundles/*.zip 2>/dev/null | head -1)
if [ -n "$bundle" ]; then
bundle_mtime=$(stat -f %m "$bundle" 2>/dev/null || stat -c %Y "$bundle")
head_time=$(git log -1 --format=%ct HEAD)
if [ "$bundle_mtime" -lt "$head_time" ]; then
echo "WARN"
fi
fi
If the bundle is older than HEAD → WARN (do not block):
"The deploy bundle in
.cognite-bundles/is older than the current HEAD commit. The certification reviewer compares the deployed bundle against the submitted source — if you committed changes after your last deploy, they won't match. Re-runnpx @cognite/cli apps deploybefore submitting. (npm run buildalone does not refresh the bundle — onlyapps deploydoes.)"
Step 6 — Print pass/fail table
Print a table like:
Check Result
----- ------
App-Brief.md complete PASS / FAIL — reason
Code review Must Fix open: 0 PASS / FAIL / SKIPPED — reason
Design review average ≥ 3.8 PASS / FAIL / SKIPPED — reason
Certification artifacts committed PASS / FAIL — reason
Deploy bundle present and current PASS / WARN — reason
SKIPPED only applies to the code and design review rows and only when Step 0's air-hatch wrote a stub. Render SKIPPED rows with the note SKIPPED — user opted out via Step 0 air-hatch.
If any check is FAIL: stop here. Do not run the CLI. Print the precise next-step skill the user should run. SKIPPED rows do not block — they pass through to Step 7, which adds an explicit confirmation.
Step 7 — Confirm and submit
If any check is SKIPPED, prepend an explicit warning to the confirm prompt:
"WARNING — the following reviews are SKIPPED: <list>. The Cognite certification reviewer will see the SKIPPED status in the submitted reports and will request a real review before approval. Proceed with submit anyway?"
Otherwise (all PASS, warnings OK), use the standard confirm prompt:
"All certification checks passed. Run
npx @cognite/cli apps submitnow? This will zip the repo and pre-populate the Zendesk submission form."
On yes:
npx @cognite/cli@latest apps submit
Stream the output to the user.
Step 8 — Post-submit handoff
When this skill invokes apps submit via Bash, the CLI runs non-interactively (process.stdout.isTTY === false) and skips its auto-open-browser / reveal-in-file-manager step. The CLI still prints the file list, screen-recording prompt, and Zendesk URL — but the user must act on them manually.
After the CLI finishes, print this to the user:
The CLI ran non-interactively so it didn't open the browser or file manager. To finish:
- Open the Zendesk URL from the CLI output above. The URL requires a sign-in on
support.cognite.com— create an account there if you don't have one, then revisit the link.- Open
dist/submit/in your file manager and drop in a short screen recording of the certified user journey.- Attach every file in
dist/submit/(source archive, deploy bundle, screen recording) to the Zendesk ticket.- Push your commits if the branch is ahead of origin.
Then run git status --short --branch and surface the ahead/behind count explicitly under step 4 if the branch is ahead of origin.
Stub templates (used by Step 0 air-hatch)
When the user picks Quick submit (stubs) in Step 0, write the missing reports using these exact templates. Create the parent directory first if it does not exist.
Code review stub
Path: reviews/code-review/feedback-round-0/code-review-report.md
# Code Review Report — Round 0
**Status: SKIPPED** — user opted out of `flows-code-review` at submit time.
The Cognite certification reviewer will see this SKIPPED status and request a real `flows-code-review` run before approval. Re-run `flows-code-review` to replace this stub with a real round.
## Summary
- Status: SKIPPED
- Must Fix open: 0
- Should Fix open: 0
- Nit open: 0
Design review stub
Path: reviews/design-review/feedback-round-0/design-review-report.md
# Design Review Report — Round 0
**Status: SKIPPED** — user opted out of `flows-design-review` walkthrough at submit time.
The Cognite certification reviewer will see this SKIPPED status and request a real `flows-design-review` walkthrough before approval. Re-run `flows-design-review` to replace this stub with a real round.
## Summary
- Status: SKIPPED
- Average score: N/A
Related skills
More from cognitedata/builder-skills and the wider catalog.
skill-creator
Create new skills, modify and improve existing skills, and measure skill performance. Use when users want to create a skill from scratch for Claude Code or Cursor, update or optimize an existing skill, run evals to test a skill, benchmark skill performance with variance analysis, or optimize a skill's description for better triggering accuracy.
code-quality
MUST be used whenever reviewing a Flows app for code quality, maintainability, or clean code issues — before a PR review, after a feature is complete, or when the user asks for a code review. Do NOT skip linting steps. Triggers: code quality, code review, clean code, refactor, maintainability, technical debt, any type, naming, dead code, duplication, DRY, single responsibility, component size, lint, linting, TypeScript strict, dependency injection, file structure.
dependencies-audit
MUST be used whenever fixing dependency issues in a Flows app. This skill finds AND fixes vulnerabilities, outdated packages, deprecated dependencies, and license issues — it does not just report them. Triggers: dependencies, packages, fix dependencies, update packages, fix vulnerabilities, npm audit fix, pnpm audit fix, CVE fix, outdated, deprecated, supply chain, license.
reveal-3d
Integrates a local Cognite Reveal 3D CAD viewer bundle into Flows apps by copying app-local source code. Use when adding 3D viewer, 3D visualization, Reveal, CAD model, RevealProvider, RevealCanvas, Reveal3DResources, FDM 3D mapping, asset 3D model, model browser, or Cognite 3D content to a Flows application.
design
Simplified Aura guidance for selecting primitives, keeping token usage consistent, and applying reliable layout/copy/state patterns in Flows and Fusion apps.
test-coverage
MUST be used whenever fixing test coverage for a Flows app to meet the 80% line coverage hard gate. This skill finds AND fixes coverage gaps — it configures tooling, writes missing tests, covers untested paths, and refactors code for testability. It does not just report. Triggers: test coverage, fix tests, write tests, add tests, coverage fix, 80% coverage, coverage gate, missing tests, testability, vitest coverage, jest coverage.