Fix and prove in CI
Deploy gate for vibe-coded apps
Scan in the browser, fix with Cursor prompts, re-scan for delta — then block merges when GO/NO-GO blockers remain. Not Lighthouse. Same launch judgment you already trust.
What fails the gate
- NO-GO verdict (P0 launch blockers)
- Score below
PREFLIGHT_MIN_SCORE(default 80) - Any P0 check failure — exposed secrets, missing privacy page, HTTPS, noindex, robots blocking Google, etc.
1. Composite GitHub Action
Copy .github/actions/deploylint-gate from the vibe monorepo (or vendor the folder). Set secret DEPLOYLINT_GATE_URL to your production URL.
name: Deploylint deploy gate
on:
pull_request:
push:
branches: [main]
jobs:
deploylint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
# Copy .github/actions/deploylint-gate from github.com/PyRo1121/vibe
# Or use the curl script below — same gate rules.
- uses: ./.github/actions/deploylint-gate
with:
url: ${{ secrets.DEPLOYLINT_GATE_URL }}
api: https://deploylint.com
min_score: '80'
mode: gate mode: advisory— report issues without failing the buildmin_score— default 80; lower for early-stage apps
2. Zero-install workflow (curl)
No action folder — fetch /gate-remote.mjs at runtime. PR comments need GITHUB_TOKEN.
name: Deploylint deploy gate (zero-install)
on:
pull_request:
push:
branches: [main]
jobs:
deploylint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Block deploy if launch blockers remain
env:
PREFLIGHT_URL: ${{ secrets.DEPLOYLINT_GATE_URL }}
PREFLIGHT_API: https://deploylint.com
PREFLIGHT_MIN_SCORE: '80'
# PREFLIGHT_MODE: advisory # report only, never blocks
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
curl -fsSL https://deploylint.com/gate-remote.mjs -o gate-remote.mjs
node gate-remote.mjs "$PREFLIGHT_URL" - PR comments — verdict, score, failing checks, report link
- Job summary — same markdown in the Actions run summary
node gate-remote.mjs URL --json— structured output for custom steps
3. Zero-install script (local / CI)
Fetch the hosted gate from /gate-remote.mjs — no monorepo required.
curl -fsSL https://deploylint.com/gate-remote.mjs -o gate-remote.mjs
node gate-remote.mjs https://your-app.com Exit code 0 = pass · 1 = fail · 2 = usage/API error
4. Monorepo CLI
If you fork or clone the Deploylint repo:
npm run gate -w preflight -- https://your-app.com
# Or with env vars:
PREFLIGHT_URL=https://your-app.com PREFLIGHT_MIN_SCORE=80 npm run gate -w preflight5. Cursor MCP + agent skill
Add to .cursor/mcp.json at your repo
root (clone vibe or copy apps/preflight-mcp):
{
"mcpServers": {
"deploylint": {
"command": "npx",
"args": ["tsx", "apps/preflight-mcp/src/index.ts"],
"env": {
"DEPLOYLINT_API": "https://deploylint.com"
}
}
}
} deploylint_scan— score, embarrassment risks, issues, fix prompts (format: jsonfor agents)deploylint_gate— PASS/FAIL;advisory: truefor non-blocking reportsunlock_session_id— after $9 checkout, pass Stripecs_live_…for all prompts + master paste- Legacy
preflight_scan/preflight_gatealiases still work
Agent skill for skills.sh: skills/deploylint/SKILL.md in the repo — copy into your agent skills folder.
API base: DEPLOYLINT_API (default https://deploylint.com)
6. README score badge
After a scan, copy the badge from the report summary — embed proof in your repo README (like CI shields, but launch-readiness):
[](https://deploylint.com/r/YOUR_REPORT_ID) Shared reports include an OG image at /r/[id]/badge.svg for Slack,
X, and GitHub link previews.
The full loop
- Scan free at deploylint.com
- Unlock fix prompts ($9) → paste into Cursor
- Re-scan to prove score delta
- Wire this gate into CI so regressions never ship