// Generate execution-ready implementation plans from research docs - planning ONLY, no fixing or verifying. North Star is whether a JR developer can execute the plan with zero additional context.
This skill should be used when mapping or researching a codebase to understand its structure, patterns, and architecture. Use when the user asks to "map the codebase", "research how X works", "find all Y patterns", or needs to understand code organization. Produces factual structural maps in memory-bank/research/—no suggestions, no recommendations, just what exists. Uses ast-grep for structural pattern matching.
Run or continue a differential debugging session between two implementations, traces, captures, or outputs. Record artifact identity, exact commands, first mismatch progression, findings, validation, and next probe in a durable session log.
Map a repository's mechanical harness layers: canonical check command, local and CI gates, architecture boundaries, structural rules, behavioral verification, docs ratchets, evidence workflows, and operator-facing surfaces. Use when you need to understand how a repo keeps change safe.
Execute implementation plans from memory-bank/plan/. Focus on EXECUTING ONLY - no planning, no fixes outside plan scope. Uses gated checks, atomic commits, and maintains a single execution log in memory-bank/execute/. Use when the user says "execute this plan" or provides a plan path.
Perform quality assurance on code changes after the implementation-planner -> plan-executor workflow. STRICTLY QA only—no coding, no fixes, no source-code changes. Focus on changed areas only, emphasizing control/data flow correctness.
This skill should be used when working in the salary-man-setup repository to inspect, run, debug, or extend the Ubuntu bootstrap flow. Use it when another agent needs to drive setup.sh or the numbered install scripts, test the bootstrap on a local or remote machine, work through tmux, or update the managed shell/git/bootstrap configuration while preserving the repo's secret-handling guardrails.
| name | implementation-planner |
| description | Generate execution-ready implementation plans from research docs - planning ONLY, no fixing or verifying. North Star is whether a JR developer can execute the plan with zero additional context. |
| writes-to | memory-bank/plan/ |
| allowed-tools | ["Read","Edit","Write","Bash(git:*)","Bash(grep:*)","Bash(sed:*)","Bash(awk:*)","Bash(jq:*)","Bash(date:*)","Bash(find:*)"] |
| hard-guards | ["NO code modifications during planning","NO fixes or verification","Focus ONLY on generating clear executable plans","Every task must be unambiguous to a JR developer"] |
Generate execution-ready, coding-only implementation plans from research documents. The goal is to produce plans that any JR developer can execute immediately with zero ambiguity.
If a JR developer picked this up, could they start coding immediately?
If the answer is "no" or "they'd need to ask clarifying questions," the plan is incomplete.
memory-bank/research/| ❌ DON'T | ✅ DO INSTEAD |
|---|---|
| Fix code issues | Document them as tasks to fix |
| Verify implementations | Plan verification steps |
| Run tests | Plan what tests to write |
| Deploy anything | Plan deployment as a task |
| Make code changes | Document exactly what changes to make |
Read from: memory-bank/research/<topic>.md
Extract: scope, constraints, target files, unresolved questions, proposed solutions
# Capture current state
git rev-parse HEAD # Commit SHA
git status --short # Working tree status
Save as: memory-bank/plan/YYYY-MM-DD_HH-MM-SS_<topic>.md
---
title: "<topic> – Implementation Plan"
phase: Plan
date: "{{timestamp}}"
owner: "{{agent_or_user}}"
parent_research: "memory-bank/research/<file>.md"
git_commit_at_plan: "<short_sha>"
tags: [plan, <topic>, coding]
---
## Goal
- ONE singular coding-focused outcome
- Explicitly state what is OUT of scope (ops, deploy, excessive testing)
## Scope & Assumptions
- IN scope: (technical items only)
- OUT of scope: (what we're NOT doing)
- Assumptions: (frameworks, environments, libraries)
## Deliverables
- Source code modules, functions, or APIs
- Documentation limited to developer-level notes (not user docs)
## Readiness
- Preconditions: repos, libs, data schemas, sample inputs
- What must exist before starting
## Milestones
- M1: Skeleton & architecture setup
- M2: Core logic & data flow
- M3: Feature completion & refinement
- M4: Basic test(s) & integration hooks
## Work Breakdown (Tasks)
For EACH task, specify:
- **Task ID**: T001, T002, etc.
- **Summary**: What to do (present tense, actionable)
- **Owner**: who does it
- **Estimate**: time/complexity
- **Dependencies**: other task IDs
- **Target milestone**: M1-M4
- **Acceptance test**: Exactly ONE test that proves it works
- **Files/modules touched**: List exact paths
## Risks & Mitigations
Keep technical:
- Library stability issues
- API version drift
- Schema mismatch risks
- Breaking changes in dependencies
## Test Strategy
At most ONE new test per task, only for validating main coding work.
Focus on proving correctness, not coverage.
## References
- Research doc sections
- Key code references (file:line format)
## Final Gate
- **Output summary**: plan path, milestone count, tasks ready
- **Next command**: `/use plan-executor "<plan_path>"`
T003: Add user authentication middleware
- Create src/middleware/auth.ts with verifyToken() function
- Import in src/app.ts and apply to /api/* routes
- Acceptance: curl /api/users returns 401 without header, 200 with valid token
- Files: src/middleware/auth.ts, src/app.ts
- Milestone: M2
T003: Fix auth
- Handle the auth stuff properly
- Make sure it works
Always capture and include:
COMMIT_SHA=$(git rev-parse --short HEAD)
STATUS=$(git status --short)
If research doc mentions specific commits/branches and they've changed:
If planning reveals blockers or prerequisites that need tracking:
Before finalizing, ask:
After plan generation, output:
✓ Plan written to: memory-bank/plan/YYYY-MM-DD_HH-MM-SS_<topic>.md
✓ Milestones: 4
✓ Tasks: 12
✓ Git state: <short_sha>
Next: /use plan-executor "memory-bank/plan/YYYY-MM-DD_HH-MM-SS_<topic>.md"
## Task T004: Add rate limiting to API endpoints
**Summary**: Implement token-bucket rate limiting for public API endpoints
**Files**:
- src/middleware/rateLimit.ts (new)
- src/app.ts (modify)
**Changes**:
1. Create src/middleware/rateLimit.ts with TokenBucket class
- Constructor takes capacity and refillRate
- consume(tokens) method returns true if allowed
2. Add rateLimit instance to src/app.ts
3. Apply to /api/public/* routes only
**Acceptance Test**:
- Send 100 requests in 1 second to /api/public/data
- First 60 succeed (200)
- Next 40 fail (429)
- Headers include X-RateLimit-Remaining
**Dependencies**: T001 (Express app setup)
**Milestone**: M2
**Estimate**: 2 hours
Only spawn subagents if:
Typical subagents:
codebase-analyzer: Find where new code fitscontext-synthesis: Extract structured tasks from prose researchDefault: Don't use subagents. Trust the research doc.
After writing the plan document to memory-bank/plan/, hand off to plan-executor if the next step is the Execute phase.
Suggested next command:
/use plan-executor "memory-bank/plan/<file>.md"