// Use when starting non-trivial work (touching 3+ files, new features, refactors, bug investigations). Produces a scoped, actionable implementation plan before any code is written. Triggers on /nano.
| name | nano |
| description | Use when starting non-trivial work (touching 3+ files, new features, refactors, bug investigations). Produces a scoped, actionable implementation plan before any code is written. Triggers on /nano. |
| concurrency | read |
| depends_on | ["think"] |
| summary | Implementation planning. Scopes work, names every file, produces ordered steps with verification. |
| estimated_tokens | 400 |
You turn validated ideas into executable steps. Every file gets named. Every step gets a verification. Every unknown gets surfaced. The plan is a contract: if it says 4 files, the PR should touch 4 files.
Defensive telemetry init. No-op if telemetry is disabled via NANOSTACK_NO_TELEMETRY=1, ~/.nanostack/.telemetry-disabled, or if the helpers are removed.
_P="$HOME/.claude/skills/nanostack/bin/lib/skill-preamble.sh"
[ -f "$_P" ] && . "$_P" nano
unset _P
If no active session exists, initialize one:
~/.claude/skills/nanostack/bin/session.sh status
If the output shows "active":false, create a session:
~/.claude/skills/nanostack/bin/session.sh init development
Then run session.sh phase-start plan.
Plan approval mode. This skill reads plan_approval from the session to decide whether to pause. The field has three values:
auto — Present a short plan and continue without waiting. /feature always sets this.manual — Default. Present the plan and wait for explicit approval before building.not_required — Used by --run-mode report_only sprints. Skip the approval gate entirely.Read the value with v1-compat fallback (older sessions may only have autopilot):
PLAN_APPROVAL=$(jq -r '.plan_approval // (if .autopilot then "auto" else "manual" end)' .nanostack/session.json 2>/dev/null)
If the file is missing entirely, treat as manual.
Local mode: Run source bin/lib/git-context.sh && detect_git_mode. If result is local, adapt language: "implementation plan" → "paso a paso", "files to modify" → "archivos que vamos a crear", "architecture checkpoint" → skip (overkill for non-technical users). Present the plan as a simple numbered list of what you'll build, not a spec document. Same rigor, accessible words. In the "Next Step" section, do NOT list slash commands (/review, /security, /qa, /ship). Instead say: "Cuando termine, reviso la calidad y te aviso si hay algo que ajustar."
Plain-language contract. When profile == "guided" (or local mode), follow reference/plain-language-contract.md. The plan summary uses the four-block skeleton:
Resultado: Voy a armar la herramienta en 3 archivos chicos.
Como verlo:
1. Cuando termine cada paso, te muestro lo que cambio.
Que revise:
- La forma mas simple de cumplir lo que pediste.
- Que cada cambio se pueda probar por separado.
- Que no rompa nada que ya estaba funcionando.
Pendiente:
- No probe en una computadora distinta a la tuya.
Resolve context — load upstream artifacts and past solutions in one call:
~/.claude/skills/nanostack/bin/resolve.sh plan
The output is JSON with upstream_artifacts (think artifact path if recent), solutions (ranked matches), config, and sprint_metrics (git stats + cycle time from last sprint). Use what's relevant:
key_risk → add to Risks. narrowest_wedge (starting point) → scope constraint. out_of_scope → pre-populate Out of Scope. scope_mode → if "reduce," plan smallest version. premise_validated → if false, flag it.sprint_metrics is present, use it for scope calibration: last sprint's lines changed and file count help estimate whether the current task is Small, Medium, or Large relative to recent work.If think artifact is missing but /think ran (you can see a Think Summary in the conversation above), recover it now:
~/.claude/skills/nanostack/bin/save-artifact.sh --from-session think 'Value prop: <from summary>. Scope: <from summary>. Wedge: <from summary>. Risk: <from summary>. Premise: <from summary>.'
This saves the think output retroactively so /review can check scope drift and the sprint journal is complete.
Check git history for recent changes in the affected area — someone may have already started this work or made decisions you need to respect.
If the affected modules are known, check for diarizations (structured module briefs from past sprints) in .nanostack/know-how/diarizations/. If a diarization exists for a module in scope, read it for recurring issues, known risks, and unresolved tensions. These should inform your risk assessment.
If the request is ambiguous, ask clarifying questions using AskUserQuestion before proceeding. Do not guess scope.
If the user doesn't specify their tech stack and needs to pick tools (auth, database, hosting, etc.), check for overrides first, then fall back to defaults:
.nanostack/stack.json if it exists (project-level preferences)~/.nanostack/stack.json if it exists (user-level preferences)plan/references/stack-defaults.md for anything not covered aboveAlways use the latest stable version of every dependency. Don't rely on versions from training data.
Apply these constraints during planning. Each one represents a proven pattern or decision from past sprints.
Classify the work:
| Scope | Criteria | Output |
|---|---|---|
| Small | 1-3 files, single concern, clear path | Implementation steps only |
| Medium | 4-10 files, multiple concerns, some unknowns | Product spec + implementation steps + risks |
| Large | 10+ files, cross-cutting, architectural impact | Product spec + technical spec + implementation steps + phased execution |
For small scope: produce a brief plan and move on. Do not over-plan trivial work.
Before writing implementation steps, produce the specs that define what you're building. Skip this for Small scope.
Medium scope: Product Spec only.
Use plan/templates/product-spec.md. Cover: problem, solution, user stories, acceptance criteria, user flow, edge cases, out of scope. Keep it to 1-2 pages. This is what the team reads to understand what "done" looks like.
Large scope: Product Spec + Technical Spec.
Also use plan/templates/technical-spec.md. Cover: architecture, data model, API contracts, integrations, technical decisions, security considerations, migration/rollback. This is what the team reads to understand how the system works.
Present the specs to the user before writing implementation steps. Specs are the contract. If the spec is wrong, the plan will be wrong and the code will be wrong. Get alignment here.
Use the template at plan/templates/plan-template.md as your output structure. Fill in every section that applies to the scope level.
Key requirements:
Before presenting, validate the plan against these engineering concerns:
think/references/latent-vs-deterministic.md for the full framing.Skip this for Small scope — it's overkill for a 3-file change.
If the plan produces anything a user will see or interact with, apply the standards in plan/references/product-standards.md. They are not optional — they cover UI/frontend (shadcn + Tailwind, dark mode, mobile, no AI slop), SEO, LLM SEO, and CLI/TUI defaults per language.
If the plan is a pure library with no user-facing output, skip this section.
Behavior depends on PLAN_APPROVAL (read above):
auto — Present the plan briefly and proceed immediately. The caller (/feature or autopilot) chose this; do not pause.not_required — Skip the approval gate entirely. Save the artifact and continue. This applies to report-only sprints.manual (default) — Present the plan to the user and wait for explicit approval before executing. If the user modifies the plan, update it before proceeding.After the plan is approved (or auto-approved), do these two steps in order:
Step 1: Save the artifact. Run this command now — do not skip it. The save is validated against the per-phase schema (see reference/artifact-schema.md); a plan artifact requires summary.planned_files (array), summary.plan_approval, and context_checkpoint. /review uses planned_files for scope drift.
PLAN_JSON=$(jq -n \
--argjson planned_files '["file1.ts","file2.ts"]' \
--arg plan_approval "$PLAN_APPROVAL" \
--arg checkpoint_summary "Plan for <feature>: N files, key decisions X and Y." \
'{
phase: "plan",
summary: {
planned_files: $planned_files,
plan_approval: $plan_approval
},
context_checkpoint: {
summary: $checkpoint_summary,
key_files: $planned_files,
decisions_made: [],
open_questions: []
}
}')
~/.claude/skills/nanostack/bin/save-artifact.sh plan "$PLAN_JSON"
Step 2: Build and proceed.
After the user approves the plan and you finish building:
If PLAN_APPROVAL is auto:
After build completes, invoke each skill in sequence using the Skill tool. Do NOT implement review/security/qa logic yourself — invoke the skill and let it run its full process.
Invoke review: Use Skill tool: skill="review"
Wait for completion. Show: Autopilot: review complete. Running /security...
Invoke security: Use Skill tool: skill="security"
Wait for completion. Show: Autopilot: security complete. Running /qa...
Invoke qa: Use Skill tool: skill="qa"
Wait for completion. Show: Autopilot: qa complete. Running /ship...
Invoke ship: Use Skill tool: skill="ship"
Stop the sequence if any skill finds blocking issues or critical vulnerabilities. For parallel execution across multiple terminals, use /conductor.
Otherwise (manual or not_required):
Tell the user:
Build complete. Next steps in the sprint:
/reviewto run a two-pass code review with scope drift detection/securityto audit for vulnerabilities/qato test that everything worksThese three can run in any order. After all pass,
/shipto create the PR.
Wait for the user to invoke each one.
Before returning control:
_F="$HOME/.claude/skills/nanostack/bin/lib/skill-finalize.sh"
[ -f "$_F" ] && . "$_F" nano success
unset _F
Pass abort or error instead of success if the plan did not complete normally.
Use when working near production, sensitive systems, or destructive operations. Activates on-demand safety hooks that block dangerous commands. Supports modes — careful (warn), freeze (guided, keeps writes within scope), unfreeze (remove restrictions). Triggers on /guard, /careful, /freeze, /unfreeze.
Orchestrate parallel agent sessions through a sprint. Coordinates task claiming, dependency resolution, and artifact handoff between independent agents. Triggers on /conductor, /sprint, /parallel.
Add a feature to an existing project with a full sprint. Skips /think diagnostic, goes straight to planning. Use when the user knows what they want and the project already exists. Triggers on /feature.
Use to verify that code works correctly — browser-based testing with Playwright, native app testing with computer use, CLI testing, API testing, or root-cause debugging. Supports --quick, --standard, --thorough modes. Triggers on /qa.
Use after writing code to get a thorough code review. Runs two passes — structural correctness then adversarial edge-case hunting. Scales depth by diff size. Supports --quick, --standard, --thorough modes. Triggers on /review.
Use before shipping to production. Performs OWASP Top 10 audit and STRIDE threat modeling against the codebase. Supports --quick, --standard, --thorough modes. Also use when the user asks to check security, audit code, or review for vulnerabilities. Triggers on /security.