bash-defensive-patterns
wshobson/agents
Reference guide for writing fault-tolerant, production-grade Bash scripts.
What is bash-defensive-patterns?
This skill provides reference guidance and a best-practices checklist for writing production-grade, defensive Bash scripts. Use it when building shell scripts, CI/CD pipeline steps, or system utilities that need strict error handling, input validation, and fault tolerance.
- Documents core defensive Bash techniques such as strict mode, variable quoting, and [[ ]] conditionals
- Covers error trapping, structured logging, and safe temporary file handling with mktemp/trap
- Provides guidance on input validation, dry-run support, and idempotent script design
- Points to a detailed reference file (references/details.md) with worked examples for deeper patterns
How to install bash-defensive-patterns
npx skills add https://github.com/wshobson/agents --skill bash-defensive-patternsHow to use bash-defensive-patterns
- 1.Invoke the skill when starting to write or review a Bash script intended for production, CI/CD, or system administration use
- 2.Apply the core best practices: add 'set -Eeuo pipefail', quote all variables, and use [[ ]] conditionals
- 3.Add error trapping and structured logging (with timestamps and levels) to the script
- 4.Validate inputs (file existence, permissions, formats) and use mktemp with trap-based cleanup for temp files
- 5.For deeper or less common patterns, consult references/details.md included with the skill
- 6.Add a dry-run mode and design the script to be idempotent and safely rerunnable before finalizing
Use cases
- Writing a deployment automation script that must fail safely and clean up after itself
- Hardening an existing shell script used in a CI/CD pipeline against unhandled errors
- Building a reusable Bash utility library with consistent logging and error trapping
- Reviewing a script for unquoted variables, missing strict mode, or unsafe temp file handling
- Adding dry-run support and idempotency to a system administration script
- Developers writing production Bash automation
- DevOps/SRE engineers building CI/CD pipeline scripts
- System administrators creating maintenance and deployment utilities
- Anyone reviewing or hardening existing shell scripts for safety
bash-defensive-patterns FAQ
Guidance and reference documentation (references/details.md) on defensive Bash programming patterns, plus a best-practices checklist covering strict mode, quoting, error trapping, logging, and idempotency.
No. It's a knowledge/reference skill that an agent reads to write or review Bash scripts following defensive patterns; it doesn't run checks or generate code automatically.
No special prerequisites are listed beyond having Bash available, since the skill is documentation-based guidance for writing scripts.
When writing production automation, CI/CD pipeline scripts, system utilities, or any shell script that needs fault tolerance, input validation, and safe error handling.
Full instructions (SKILL.md)
Source of truth, from wshobson/agents.
name: bash-defensive-patterns description: Master defensive Bash programming techniques for production-grade scripts. Use when writing robust shell scripts, CI/CD pipelines, or system utilities requiring fault tolerance and safety.
Bash Defensive Patterns
Comprehensive guidance for writing production-ready Bash scripts using defensive programming techniques, error handling, and safety best practices to prevent common pitfalls and ensure reliability.
When to Use This Skill
- Writing production automation scripts
- Building CI/CD pipeline scripts
- Creating system administration utilities
- Developing error-resilient deployment automation
- Writing scripts that must handle edge cases safely
- Building maintainable shell script libraries
- Implementing comprehensive logging and monitoring
- Creating scripts that must work across different platforms
Detailed patterns and worked examples
Detailed pattern documentation lives in references/details.md. Read that file when the navigation tier above is insufficient.
Best Practices Summary
- Always use strict mode -
set -Eeuo pipefail - Quote all variables -
"$variable"prevents word splitting - Use [[]] conditionals - More robust than [ ]
- Implement error trapping - Catch and handle errors gracefully
- Validate all inputs - Check file existence, permissions, formats
- Use functions for reusability - Prefix with meaningful names
- Implement structured logging - Include timestamps and levels
- Support dry-run mode - Allow users to preview changes
- Handle temporary files safely - Use mktemp, cleanup with trap
- Design for idempotency - Scripts should be safe to rerun
- Document requirements - List dependencies and minimum versions
- Test error paths - Ensure error handling works correctly
- Use
command -v- Safer thanwhichfor checking executables - Prefer printf over echo - More predictable across systems
Related skills
More from wshobson/agents and the wider catalog.
tailwind-design-system
Build production-ready design systems with Tailwind CSS v4, design tokens, and component libraries.
typescript-advanced-types
Master TypeScript's advanced type system: generics, conditional types, mapped types, and utility types for type-safe applications.
nodejs-backend-patterns
Build production-ready Node.js backends with Express/Fastify, middleware patterns, auth, and database integration.
python-performance-optimization
Profile and optimize Python code using cProfile, memory profilers, and performance best practices.
brand-landingpage
Brand-first landing page designer with guided interviews and Stitch-powered iteration.
python-testing-patterns
Implement comprehensive testing strategies with pytest, fixtures, mocking, and test-driven development.