feat(validation): add PR validation prompt for Next.js standards

- Introduced a new markdown prompt file for validating Pull Requests against Flowcore Next.js development standards.
- The prompt includes critical rules, context-specific instructions, and a structured validation report format.
- Enhanced user guidance by referencing authoritative standards stored in Usable fragments.
- Updated scripts to support local testing and validation processes, ensuring compliance with the new prompt.

This addition aims to streamline the PR review process and ensure adherence to established development standards.

Author: flowcore-platform

.github/prompts/pr-validation.md

@@ -169,6 +169,7 @@ main() {
     fi
   else
     # Static prompt file
+    CUSTOM_PROMPT_FILE="${PROMPT_FILE:-}"
     if [ -n "$CUSTOM_PROMPT_FILE" ] && [ -f "$CUSTOM_PROMPT_FILE" ]; then
       echo "Using static prompt file: $CUSTOM_PROMPT_FILE"
       cp "$CUSTOM_PROMPT_FILE" "$USER_PROMPT_FILE"
@@ -177,6 +178,8 @@ main() {
       echo "Size: $(wc -c < "$USER_PROMPT_FILE") bytes"
     else
       echo "::error::No user prompt file provided or file not found"
+      echo "  PROMPT_FILE: ${PROMPT_FILE:-not set}"
+      echo "  File exists: $([ -f "${PROMPT_FILE:-}" ] && echo "yes" || echo "no")"
       exit 1
     fi
   fi

scripts/fetch-prompt.sh

@@ -4,16 +4,30 @@ set -euo pipefail
 echo "::group::Setting up Gemini Authentication"
 
 # Get the secret value from the environment using the secret name
+# For GitHub Actions, SECRET_NAME is set. For local testing, use default.
+SECRET_NAME="${SECRET_NAME:-GEMINI_SERVICE_ACCOUNT_KEY}"
 SECRET_VALUE="${!SECRET_NAME:-}"
 
 if [ -z "$SECRET_VALUE" ]; then
   echo "::error::Service account key not found in environment variable: $SECRET_NAME"
   echo "Please ensure the secret is set in your workflow: env.$SECRET_NAME"
+  echo "For local testing: export GEMINI_SERVICE_ACCOUNT_KEY='<your-service-account-json>'"
   exit 1
 fi
 
-# Decode base64-encoded service account key
-echo "$SECRET_VALUE" | base64 -d > /tmp/service-account.json
+# Handle both base64-encoded (GitHub Actions) and raw JSON (local testing)
+# Try to detect if it's already JSON by checking for JSON structure
+if [[ "$SECRET_VALUE" =~ ^\{.*\}$ ]] || [[ "$SECRET_VALUE" =~ ^[[:space:]]*\{ ]]; then
+  # Looks like JSON, write directly
+  echo "$SECRET_VALUE" > /tmp/service-account.json
+else
+  # Assume base64-encoded, decode it
+  if ! echo "$SECRET_VALUE" | base64 -d > /tmp/service-account.json 2>/dev/null; then
+    echo "::error::Failed to decode base64 service account key"
+    echo "For local testing, use raw JSON: export GEMINI_SERVICE_ACCOUNT_KEY=\$(cat service-account.json)"
+    exit 1
+  fi
+fi
 
 # Verify JSON format
 if ! jq empty /tmp/service-account.json 2>/dev/null; then
@@ -39,11 +53,13 @@ export GOOGLE_GENAI_USE_VERTEXAI="true"
 export GOOGLE_CLOUD_PROJECT="$PROJECT_ID"
 export GOOGLE_CLOUD_LOCATION="${GOOGLE_CLOUD_LOCATION:-us-central1}"
 
-# Write to GITHUB_ENV for subsequent steps
-echo "GOOGLE_APPLICATION_CREDENTIALS=/tmp/service-account.json" >> $GITHUB_ENV
-echo "GOOGLE_GENAI_USE_VERTEXAI=true" >> $GITHUB_ENV
-echo "GOOGLE_CLOUD_PROJECT=$PROJECT_ID" >> $GITHUB_ENV
-echo "GOOGLE_CLOUD_LOCATION=${GOOGLE_CLOUD_LOCATION}" >> $GITHUB_ENV
+# Write to GITHUB_ENV for subsequent steps (if in GitHub Actions)
+if [ -n "${GITHUB_ENV:-}" ]; then
+  echo "GOOGLE_APPLICATION_CREDENTIALS=/tmp/service-account.json" >> $GITHUB_ENV
+  echo "GOOGLE_GENAI_USE_VERTEXAI=true" >> $GITHUB_ENV
+  echo "GOOGLE_CLOUD_PROJECT=$PROJECT_ID" >> $GITHUB_ENV
+  echo "GOOGLE_CLOUD_LOCATION=${GOOGLE_CLOUD_LOCATION}" >> $GITHUB_ENV
+fi
 
 echo "✅ Gemini authentication configured"
 echo "  Project: $PROJECT_ID"

scripts/setup-gemini.sh

@@ -3,16 +3,21 @@ set -euo pipefail
 
 echo "::group::Setting up MCP Server Integration"
 
+# Set defaults for local testing
+MCP_SECRET_NAME="${MCP_SECRET_NAME:-USABLE_API_TOKEN}"
+MCP_URL="${MCP_SERVER_URL:-https://usable.dev/api/mcp}"
+
 # Get the MCP token from environment using the secret name
 MCP_TOKEN="${!MCP_SECRET_NAME:-}"
 
 if [ -z "$MCP_TOKEN" ]; then
   echo "::error::MCP token not found in environment variable: $MCP_SECRET_NAME"
   echo "Please ensure the secret is set in your workflow: env.$MCP_SECRET_NAME"
+  echo "For local testing: export USABLE_API_TOKEN='<your-usable-api-token>'"
   exit 1
 fi
 
-# Validate MCP URL
+# Validate MCP URL (should be set by default now)
 if [ -z "$MCP_URL" ]; then
   echo "::error::MCP_URL is required when MCP is enabled"
   exit 1
@@ -37,7 +42,11 @@ chmod 600 /tmp/gemini-settings.json
 
 # Set environment variable for Gemini CLI to use this settings file
 export GEMINI_SETTINGS="/tmp/gemini-settings.json"
-echo "GEMINI_SETTINGS=/tmp/gemini-settings.json" >> $GITHUB_ENV
+
+# Write to GITHUB_ENV for subsequent steps (if in GitHub Actions)
+if [ -n "${GITHUB_ENV:-}" ]; then
+  echo "GEMINI_SETTINGS=/tmp/gemini-settings.json" >> $GITHUB_ENV
+fi
 
 echo "✅ MCP server configured"
 echo "  URL: $MCP_URL"

scripts/setup-mcp.sh

@@ -0,0 +1,53 @@
+#!/usr/bin/env bash
+# Quick local test - minimal setup required
+# Usage: ./scripts/test-local-quick.sh [base-branch] [head-branch]
+
+set -euo pipefail
+
+BASE="${1:-main}"
+HEAD="${2:-$(git rev-parse --abbrev-ref HEAD)}"
+
+echo "🧪 Quick Validation Test"
+echo "Base: $BASE → Head: $HEAD"
+echo ""
+
+# Check environment
+if [ -z "${GEMINI_SERVICE_ACCOUNT_KEY:-}" ]; then
+  echo "❌ Set GEMINI_SERVICE_ACCOUNT_KEY first"
+  exit 1
+fi
+
+if [ -z "${USABLE_API_TOKEN:-}" ]; then
+  echo "❌ Set USABLE_API_TOKEN first"
+  exit 1
+fi
+
+# Quick config
+export BASE_BRANCH="$BASE"
+export HEAD_BRANCH="$HEAD"
+export WORKSPACE_ID="${WORKSPACE_ID:-60c10ca2-4115-4c1a-b6d7-04ac39fd3938}"
+export GEMINI_MODEL="${GEMINI_MODEL:-gemini-2.5-flash}"
+export PR_NUMBER="999"
+export PR_TITLE="Local Test"
+export PR_DESCRIPTION="Testing locally"
+export PR_URL="https://github.com/test/local"
+export PR_AUTHOR="$(git config user.name)"
+export PR_LABELS="test"
+export PROMPT_FILE=".github/prompts/pr-validation.md"
+export ACTION_PATH="$(pwd)"
+export MCP_SECRET_NAME="USABLE_API_TOKEN"
+export MCP_SERVER_URL="https://usable.dev/api/mcp"
+export ALLOW_WEB_FETCH="false"
+export MAX_RETRIES="2"
+export USE_DYNAMIC_PROMPTS="false"
+export MERGE_CUSTOM_PROMPT="true"
+
+# Setup and run (source to preserve environment variables)
+source scripts/setup-gemini.sh && \
+source scripts/setup-mcp.sh && \
+source scripts/fetch-prompt.sh && \
+source scripts/validate.sh
+
+echo ""
+echo "✅ Results in /tmp/validation-report.md"
+

scripts/test-local-quick.sh

@@ -0,0 +1,126 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+# Local testing script for Usable PR Validator
+# Run this from the repository root to test validation locally
+
+echo "🧪 Local PR Validator Test"
+echo "============================"
+echo ""
+
+# Check required environment variables
+REQUIRED_VARS=(
+  "GEMINI_SERVICE_ACCOUNT_KEY"
+  "USABLE_API_TOKEN"
+)
+
+MISSING_VARS=()
+for var in "${REQUIRED_VARS[@]}"; do
+  if [ -z "${!var:-}" ]; then
+    MISSING_VARS+=("$var")
+  fi
+done
+
+if [ ${#MISSING_VARS[@]} -gt 0 ]; then
+  echo "❌ Missing required environment variables:"
+  for var in "${MISSING_VARS[@]}"; do
+    echo "   - $var"
+  done
+  echo ""
+  echo "Set them with:"
+  echo "  export GEMINI_SERVICE_ACCOUNT_KEY='<your-service-account-json>'"
+  echo "  export USABLE_API_TOKEN='<your-usable-api-token>'"
+  exit 1
+fi
+
+# Set defaults for optional vars
+export BASE_BRANCH="${BASE_BRANCH:-main}"
+export HEAD_BRANCH="${HEAD_BRANCH:-$(git rev-parse --abbrev-ref HEAD)}"
+export WORKSPACE_ID="${WORKSPACE_ID:-60c10ca2-4115-4c1a-b6d7-04ac39fd3938}"
+export GEMINI_MODEL="${GEMINI_MODEL:-gemini-2.5-flash}"
+export MCP_SERVER_URL="${MCP_SERVER_URL:-https://usable.dev/api/mcp}"
+export ALLOW_WEB_FETCH="${ALLOW_WEB_FETCH:-false}"
+export MAX_RETRIES="${MAX_RETRIES:-2}"
+
+# PR context (for local testing, use dummy values)
+export PR_NUMBER="${PR_NUMBER:-0}"
+export PR_TITLE="${PR_TITLE:-Local Test Run}"
+export PR_DESCRIPTION="${PR_DESCRIPTION:-Testing PR validation locally}"
+export PR_URL="${PR_URL:-https://github.com/local/test}"
+export PR_AUTHOR="${PR_AUTHOR:-$(git config user.name || echo "unknown")}"
+export PR_LABELS="${PR_LABELS:-test}"
+
+# Prompt file
+export PROMPT_FILE="${PROMPT_FILE:-.github/prompts/pr-validation.md}"
+export USE_DYNAMIC_PROMPTS="${USE_DYNAMIC_PROMPTS:-false}"
+export MERGE_CUSTOM_PROMPT="${MERGE_CUSTOM_PROMPT:-true}"
+
+# Secret names (for consistency with action)
+export MCP_SECRET_NAME="USABLE_API_TOKEN"
+
+echo "📋 Configuration:"
+echo "   Base Branch: $BASE_BRANCH"
+echo "   Head Branch: $HEAD_BRANCH"
+echo "   Workspace ID: $WORKSPACE_ID"
+echo "   Model: $GEMINI_MODEL"
+echo "   Prompt File: $PROMPT_FILE"
+echo ""
+
+# Check if prompt file exists
+if [ "$USE_DYNAMIC_PROMPTS" != "true" ] && [ ! -f "$PROMPT_FILE" ]; then
+  echo "❌ Prompt file not found: $PROMPT_FILE"
+  echo ""
+  echo "Either:"
+  echo "  1. Create the prompt file at: $PROMPT_FILE"
+  echo "  2. Set PROMPT_FILE to an existing file"
+  echo "  3. Use dynamic prompts: export USE_DYNAMIC_PROMPTS=true PROMPT_FRAGMENT_ID=<uuid>"
+  exit 1
+fi
+
+# Install Gemini CLI if not present
+if ! command -v gemini &> /dev/null; then
+  echo "📦 Installing Gemini CLI..."
+  npm install -g @google/generative-ai-cli
+fi
+
+# Check Gemini CLI version
+echo "✅ Gemini CLI: $(gemini --version 2>/dev/null || echo 'installed')"
+echo ""
+
+# Get action path (current directory)
+export ACTION_PATH="$(pwd)"
+
+# Run setup scripts (source them to preserve environment variables)
+echo "🔧 Setting up authentication..."
+source scripts/setup-gemini.sh
+
+echo ""
+echo "🔌 Setting up MCP server..."
+source scripts/setup-mcp.sh
+
+echo ""
+echo "📝 Fetching prompts..."
+source scripts/fetch-prompt.sh
+
+echo ""
+echo "🚀 Running validation..."
+echo ""
+source scripts/validate.sh
+
+echo ""
+echo "✅ Validation complete!"
+echo ""
+echo "📊 Results:"
+if [ -f "/tmp/validation-report.md" ]; then
+  echo "   Report: /tmp/validation-report.md"
+  cat /tmp/validation-report.md
+else
+  echo "   ⚠️ No report generated"
+fi
+
+echo ""
+echo "📁 Artifacts:"
+echo "   Full Output: /tmp/validation-full-output.md"
+echo "   Report: /tmp/validation-report.md"
+echo "   Prompt: /tmp/validation-prompt.txt"
+