Runtime-verify a change in ActiveCAMT by driving the real app (admin UI / API) with a dev-bypass login against the local DB. Use before calling a change done.
Safe deploy + DB migration checklist for ActiveCAMT (Next.js; self-hosted Docker+Postgres via Portainer, or legacy Vercel+Supabase). Use before deploying any change that touches the database schema, or before deploying code that reads a new or changed column. Enforces feature branch (never main), idempotent and non-destructive migrations, and migrating prod before deploying code that reads it — including the Portainer container-console migration step for the self-hosted deploy.
Ship the current changes end-to-end for ActiveCAMT — branch off main, commit, push, open a PR, merge it into main, delete the branch (local + remote), and record the day's entry in updates/ via the updates-changelog agent. Use when the user says "ship this", "commit + PR + merge", "open a PR and merge", or otherwise wants the full feature-branch → PR → merge → cleanup flow in one go. For deploys that touch the DB schema or read a new column, run /safe-deploy first.
Verify the integrity of ActiveCAMT's append-only audit-log hash chain (tamper evidence) by running AuditService.verifyChainIntegrity — via the existing GET /api/admin/audit-verify route or a local script. Use before a deploy/migration that touches audit_logs or users, periodically, or on any suspicion of tampering. Read-only; a broken chain is a security incident, never "repaired".
Generate the next period update file in updates/ for ActiveCAMT, in the established Thai house style (date-range filename, ฝั่งนักศึกษา + ฝั่งทีม sections, Discord/funding framing). Summarizes the git commits since the last update file. Use when the user wants to write the period changelog, Discord update, or funding progress notes.
Bring up the local Docker Postgres (activecamt-db) and run/rehearse DB operations against LOCALHOST (.env.local) — migrations, seeds, studio — never prod. Use before any migration (rehearse locally first), or to get a working local DB for tests/seed data. Encapsulates the finicky local-DB dance so you never accidentally hit prod.
Scaffold a new admin API route (src/app/api/admin/**/route.ts) pre-wired with ActiveCAMT's security pattern — server-side auth() role gate, Zod validation, and a db.transaction that writes an AuditService audit log. Use when adding any admin/staff API endpoint, so the role gate and audit log can't be forgotten. For routes that read medical data, audit logging is made mandatory.
Assemble a consolidated export of ALL data ActiveCAMT holds about a single student (PDPA subject-access request), or guide PDPA erasure — admin-only, always audit-logged, with medical detail gated to admin roles and audit_logs never included/erased. Use for a data-subject access or erasure request for one student.