M05 Type Driven
Apply type-driven design in Rust so invalid states are unrepresentable at compile time instead of patched with runtime checks.
Overview
m05-type-driven is an agent skill most often used in Build (also Ship review) that encodes Rust invariants with newtypes, type state, and sealed traits so invalid states are unrepresentable.
Install
npx skills add https://github.com/zhanghandong/rust-skills --skill m05-type-drivenWhat is this skill?
- Error-to-design table: primitive obsession, boolean flags, optional sprawl, runtime-only validation
- Three-prompt checklist: encode constraint in types, when validation runs, who must know the invariant
- Patterns: type state, PhantomData, newtype, marker traits, builder, sealed traits, ZST
- Bilingual triggers including 类型状态, 新类型模式, and compile-time validation phrasing
- Layer 1 language-mechanics focus: compiler-caught errors before Result-heavy runtime guards
- Four-row error-to-design question table
- Three thinking prompts before runtime validation
Adoption & trust: 747 installs on skills.sh; 1.2k GitHub stars; 3/3 security scanners passed (skills.sh audits).
What problem does it solve?
Your Rust code validates the same rules at runtime with strings and flags because the type system was never asked to rule out illegal states.
Who is it for?
Intermediate Rust builders refactoring APIs or domain models who want compile-time guarantees for state, identity, and ranges.
Skip if: Greenfield learners still on ownership basics, non-Rust stacks, or quick throwaway scripts where type ceremony outweighs safety gains.
When should I use this skill?
CRITICAL: type-driven design; triggers include type state, PhantomData, newtype, marker trait, builder pattern, make invalid states unrepresentable, compile-time validation, sealed trait, ZST, or Chinese 类型状态 / 新类型模式 / 类
What do I get? / Deliverables
Refactored types and constructors make key errors compile-time failures with clearer APIs and fewer defensive Result branches.
- Newtyped domain wrappers and validated constructors
- Type-state transitions replacing boolean flags
- API signatures that document invariants without extra runtime guards
Recommended Skills
Journey fit
Spans multiple journey phases - primary shelf plus alternate fits below.
Newtypes, type state, and sealed traits are introduced while implementing Rust services and libraries—the core Build backend work. Backend subphase fits systems and API crates where invariants belong in types rather than ad hoc validation layers.
Where it fits
Replace a raw String order ID with a validated newtype before exposing a public HTTP handler.
Model connection lifecycle with type state so send is impossible on an unauthenticated socket.
Flag a PR that adds is_valid booleans where a sum type would encode legal states at compile time.
How it compares
A type-level design playbook for Rust—not a linter rule pack or a generic Rust syntax cheat sheet.
Common Questions / FAQ
Who is m05-type-driven for?
Solo builders writing Rust backends, CLIs, or libraries who want invalid states rejected by the compiler, not scattered if checks.
When should I use m05-type-driven?
In Build when modeling domains and APIs; in Ship review when primitive obsession or boolean state flags show up in diffs; whenever triggers mention type state, newtype, or make invalid states unrepresentable.
Is m05-type-driven safe to install?
It is instructional procedural knowledge with no bundled executables; still review the Security Audits panel on this Prism page before adding any skill from the repo.
SKILL.md
READMESKILL.md - M05 Type Driven
# Type-Driven Design > **Layer 1: Language Mechanics** ## Core Question **How can the type system prevent invalid states?** Before reaching for runtime checks: - Can the compiler catch this error? - Can invalid states be unrepresentable? - Can the type encode the invariant? --- ## Error → Design Question | Pattern | Don't Just Say | Ask Instead | |---------|----------------|-------------| | Primitive obsession | "It's just a string" | What does this value represent? | | Boolean flags | "Add an is_valid flag" | Can states be types? | | Optional everywhere | "Check for None" | Is absence really possible? | | Validation at runtime | "Return Err if invalid" | Can we validate at construction? | --- ## Thinking Prompt Before adding runtime validation: 1. **Can the type encode the constraint?** - Numeric range → bounded types or newtypes - Valid states → type state pattern - Semantic meaning → newtype 2. **When is validation possible?** - At construction → validated newtype - At state transition → type state - Only at runtime → Result with clear error 3. **Who needs to know the invariant?** - Compiler → type-level encoding - API users → clear type signatures - Runtime only → documentation --- ## Trace Up ↑ When type design is unclear: ``` "Need to validate email format" ↑ Ask: Is this a domain value object? ↑ Check: m09-domain (Email as Value Object) ↑ Check: domain-* (validation requirements) ``` | Situation | Trace To | Question | |-----------|----------|----------| | What types to create | m09-domain | What's the domain model? | | State machine design | m09-domain | What are valid transitions? | | Marker trait usage | m04-zero-cost | Static or dynamic dispatch? | --- ## Trace Down ↓ From design to implementation: ``` "Need type-safe wrapper for primitives" ↓ Newtype: struct UserId(u64); "Need compile-time state validation" ↓ Type State: Connection<Connected> "Need to track phantom type parameters" ↓ PhantomData: PhantomData<T> "Need capability markers" ↓ Marker Trait: trait Validated {} "Need gradual construction" ↓ Builder: Builder::new().field(x).build() ``` --- ## Quick Reference | Pattern | Purpose | Example | |---------|---------|---------| | Newtype | Type safety | `struct UserId(u64);` | | Type State | State machine | `Connection<Connected>` | | PhantomData | Variance/lifetime | `PhantomData<&'a T>` | | Marker Trait | Capability flag | `trait Validated {}` | | Builder | Gradual construction | `Builder::new().name("x").build()` | | Sealed Trait | Prevent external impl | `mod private { pub trait Sealed {} }` | ## Pattern Examples ### Newtype ```rust struct Email(String); // Not just any string impl Email { pub fn new(s: &str) -> Result<Self, ValidationError> { // Validate once, trust forever validate_email(s)?; Ok(Self(s.to_string())) } } ``` ### Type State ```rust struct Connection<State>(TcpStream, PhantomData<State>); struct Disconnected; struct Connected; struct Authenticated; impl Connection<Disconnected> { fn connect(self) -> Connection<Connected> { ... } } impl Connection<Connected> { fn authenticate(self) -> Connection<Authenticated> { ... } } ``` --- ## Decision Guide | Need | Pattern | |------|---------| | Type safety for primitives | Newtype | | Compile-time state validation | Type State | | Lifetime/variance markers | PhantomData | | Capability flags | Marker Trait | | Gradual construction | Builder | | Closed set of impls | Sealed Trait | | Zero-sized type marker | ZST struct | --- ## Anti-Patterns | Anti-Pattern | Why Bad | Better | |--------------|---------|--------| | Boolean flags for states