Published validation report

Install, smoke, load, and security checks

Disposable container install, first-run init, offline load testing, and a tracked-file Gitleaks scan. This is the set we can show publicly without exposing worktree artifacts.

Back to home GitHub repo Releases
Pass

Install smoke

brew tap oleg-koval/tap && brew install promptctl succeeded in a disposable Linux container. The installed binary reported promptctl v1.0.0.

Pass

First-run init

promptctl init created starter templates in a clean temp home and completed without manual intervention.

70 ms

Offline load test

25 consecutive promptctl create runs completed in 70 ms total, averaging 2 ms per call.

Clean

Security scan

Tracked files only. Gitleaks reported no leaks. Local worktree artifacts under .worktrees/ and worker-try/.dev.vars were excluded from the showcased result.

Methodology

What we ran

The goal was a public-proof set: one install smoke, one first-run smoke, one load test, and one security scan that matches repository scope.

Check Scope Result Why it matters
Install smoke Disposable Docker container Passed Verifies the published Homebrew tap installs the release users actually get.
Init smoke Fresh temp HOME Passed Checks the first-run path and starter template bootstrap.
Load test 25 offline prompt generations 70 ms total Shows the rule-based prompt builder stays fast under repeated calls.
Security scan Tracked files only No leaks found Keeps the public report aligned with the real open-source tree.

Init output

✓ Step 1/4 — Config and starter templates ready.
Initialized promptctl in: ~/.promptctl/templates
Starter templates have been created.
Run 'promptctl list' to see them.

Load test summary

25 offline prompt generations
Total runtime: 70 ms
Average runtime: 2 ms per call

Security scan summary

tracked-files-only gitleaks scan
scanned ~703 KB
no leaks found
Next tests

What else is worth keeping

These are the additional checks I would keep on a release checklist once you want deeper coverage than the public showcase.

Prompt regression tests

Run promptctl test against a fixed template corpus to catch output drift before release.

Package matrix

Install on macOS arm64, macOS x86_64, and Linux x86_64 so tap and binary packaging stay honest.

Live provider call

Exercise the networked send path with a configured provider to confirm the cloud boundary still behaves as expected.

Artifact integrity

Verify release checksums and Homebrew formula updates on every tag so downstream installs remain reproducible.

This report only includes checks we can safely publish. Repo-local secrets and worktree artifacts stay out of the public scan scope.