[Git] Use when the user asks to compare branches, analyze git diffs, review changes between branches, update specifications based on code changes, or analyze what changed.

2026-06-186

business-analyst

duc01226/EasyPlatform

[Project Management] Use when creating user stories, writing acceptance criteria, analyzing requirements, or mapping business processes.

2026-06-186

business-evaluation

duc01226/EasyPlatform

[Content] Use when you need to evaluate business idea viability: Business Model Canvas, financial projections, risk matrix, go-to-market, execution plan.

2026-06-186

changelog

duc01226/EasyPlatform

[Documentation] Use when you need to generate or update changelog entries.

2026-06-186

一键运行任何 Skill

name	architecture-design
description	[Architecture] Use when designing solution architecture across backend, frontend, deployment, monitoring, testing, and code quality.

Codex compatibility note:

Invoke repository skills with $skill-name in Codex; this mirrored copy rewrites legacy Claude /skill-name references.

Task tracker mandate: BEFORE executing any workflow or skill step, create/update task tracking for all steps and keep it synchronized as progress changes.

User-question prompts mean to ask the user directly in Codex.

Ignore Claude-specific mode-switch instructions when they appear.

Strict execution contract: when a user explicitly invokes a skill, execute that skill protocol as written.

Subagent authorization: when a skill is user-invoked or AI-detected and its protocol requires subagents, that skill activation authorizes use of the required spawn_agent subagent(s) for that task.

Do not skip, reorder, or merge protocol steps unless the user explicitly approves the deviation first.

For workflow skills, execute each listed child-skill step explicitly and report step-by-step evidence.

If a required step/tool cannot run in this environment, stop and ask the user before adapting.

Codex Project-Reference Loading (No Hooks)

Codex uses static project-reference loading instead of runtime-injected project docs. When coding, planning, debugging, testing, or reviewing, open project docs explicitly using this routing.

Always read:

docs/project-config.json (project-specific paths, commands, modules, and workflow/test settings)
docs/project-reference/docs-index-reference.md (routes to the full docs/project-reference/* catalog)
docs/project-reference/lessons.md (always-on guardrails and anti-patterns)

Missing/stale context route: If docs/project-config.json, the docs index, lessons.md, CLAUDE.md, AGENTS.md, or any task-required reference doc is missing or stale, auto-run $project-init or the narrow setup route ($project-config, $docs-init, $scan-all, $scan --target=<key>, $claude-md-init) before ordinary project-specific work. If Codex mirrors or AGENTS.md are missing/stale, ask the user to run $sync-codex; do not auto-run it.

Situation-based docs:

Backend/CQRS/API/domain/entity changes: backend-patterns-reference.md, domain-entities-reference.md, project-structure-reference.md
Frontend/UI/styling/design-system: frontend-patterns-reference.md, scss-styling-guide.md, design-system/README.md
Spec authoring, docs/specs/ pathing, or TC format: feature-spec-reference.md, spec-system-reference.md, spec-principles.md
Behavior/public-contract changes or spec-test-code sync: workflow-spec-test-code-cycle-reference.md plus the spec docs above
Derived spec indexes/ERDs/reimplementation guides: spec-system-reference.md and source Feature Specs under docs/specs/
Integration test implementation/review: integration-test-reference.md
E2E test implementation/review: e2e-test-reference.md
Code review/audit work: code-review-rules.md plus domain docs above based on changed files

Do not read all docs blindly. Start from docs-index-reference.md, then open only relevant files for the task.

[BLOCKING] Execute skill steps in declared order. NEVER skip, reorder, or merge steps without explicit user approval. [BLOCKING] Before each step or sub-skill call, update task tracking: set in_progress when step starts, set completed when step ends. [BLOCKING] Every completed/skipped step MUST include brief evidence or explicit skip reason. [BLOCKING] If Task tools are unavailable, create and maintain an equivalent step-by-step plan tracker with the same status transitions.

Quick Summary

Goal: Act as solution architect to deliver a complete, evidence-backed, user-validated architecture decision report covering ALL concerns (backend, frontend, design patterns, library ecosystem, testing strategy, CI/CD, deployment, monitoring, code quality, dependency management) — every concern researched with 3+ options, every recommendation carrying confidence % + cited evidence, every decision confirmed by the user — so implementation proceeds on sound, owned architectural choices.

Summary:

Decide mode FIRST (Step 1): greenfield researches every concern from scratch; brownfield reads reference docs + accepted ADRs and constrains research to the existing stack — NEVER re-litigate a settled ADR-recorded decision without a superseding-ADR rationale.
Drive the style choice with NUMBERS, not adjectives: quantify Step-2 quality-attribute scenarios (latency p95/p99, throughput, SLO, RPO/RTO, data growth, concurrency); any unknown target becomes an explicit Unresolved question, never a silent guess.
Every concern needs 3+ researched options with cited evidence (stars, last release, downloads, CVE scan) + a confidence % — familiarity alone is never sufficient grounds for a recommendation.
Produce the two binding downstream contracts and you're done; skip either and the chain breaks: emit an ADR per hard-to-reverse decision (review-architecture Cat 9 enforces it) and the Scaffold Handoff tool-choices table (scaffold/harness-setup consume it), then run the MANDATORY Step-12 user-validation interview before confirming.

Workflow (12 steps):

Load Context — Read domain model, tech stack, business evaluation, refined PBI
Derive Architecture Requirements — Map business/domain complexity to architecture constraints
Backend Architecture — Research top 3 backend architecture styles + design patterns
Frontend Architecture — Research top 3 frontend architecture styles + design patterns
Library Ecosystem Research — Best-practice libraries per concern (validation, caching, logging, utils, etc.)
Testing Architecture — Unit, integration, E2E, performance testing frameworks + strategy
CI/CD & Deployment — Pipeline design, containerization, orchestration, IaC
Observability & Monitoring — Logging, metrics, tracing, alerting stack
Code Quality & Clean Code — Linters, analyzers, formatters, enforcement tooling
Dependency Risk Assessment — Package health, obsolescence risk, maintenance cost
Generate Report — Full architecture decision report with all recommendations
User Validation — Present findings, ask 8-12 questions, confirm all decisions

Key Rules:

MANDATORY IMPORTANT MUST ATTENTION research minimum 3 options per architecture concern with web evidence
MANDATORY IMPORTANT MUST ATTENTION include confidence % with evidence for every recommendation
MANDATORY IMPORTANT MUST ATTENTION run user validation interview at end (never skip)
Delegate to solution-architect agent for complex architecture decisions
All claims must cite sources (URL, benchmark, case study, or codebase evidence)
Base every recommendation on evidence, never on familiarity alone

Be skeptical. Apply critical thinking, sequential thinking. Every claim needs traced proof, confidence percentages (Idea should be more than 80%).

Inputs & Handoffs (consume vs produce)

Skill sits mid-workflow — consumes settled upstream decisions, produces artifacts downstream steps build on. Do NOT re-derive what upstream step already owns; do NOT leave downstream consumer without its needed artifact. — why: re-deriving settled decisions wastes effort and risks divergence from the recorded choice.

Consumes (read, don't re-derive)	From	Produces (named deliverable)	Consumed by
Bounded contexts, aggregates, domain events, ERD	`domain-analysis`	Architecture decision report (`{plan-dir}/research/...`)	`plan`, `plan-execute`
Confirmed languages/frameworks/databases	`tech-stack-research`	Confirmed decisions (`{plan-dir}/phase-02b-architecture.md`)	`plan`, `scaffold`
Expected scale, compliance, budget constraints	`business-evaluation`	Scaffold Handoff table (tooling + fitness rules)	`scaffold`, `harness-setup`
Existing stack/patterns/ADRs (brownfield)	reference docs, `docs/adr/**`	ADRs for hard-to-reverse decisions (`docs/adr/`)	`review-architecture` (conformance)

If upstream artifact missing, capture minimum needed here and note gap — NEVER silently re-run full upstream analysis. — why: a silent re-run hides the missing-input gap that the owning step should resolve.

Step 1: Load Context

Mode (decide first): Greenfield (new project, e.g. via workflow-greenfield-init) → research every concern from scratch, full 3-options-per-concern. Brownfield (large feature in existing codebase, e.g. workflow-big-feature) → FIRST read project reference docs + accepted ADRs, constrain research to existing stack/patterns, propose changes only where new requirement genuinely outgrows them — NEVER re-litigate settled ADR-recorded decision without superseding-ADR rationale. — why: re-deciding a recorded choice churns the codebase and breaks downstream conformance checks.

Read artifacts from prior workflow steps (search plans/ and team-artifacts/):

Domain model / ERD (complexity, bounded contexts, aggregate count)
Tech stack decisions (confirmed languages, frameworks, databases)
Business evaluation (scale, constraints, compliance)
Refined PBI (scope, acceptance criteria)
Discovery interview (team skills, experience level)

Extract, summarize:

Signal	Value	Source
Bounded contexts	...	domain model
Aggregate count	...	domain model
Cross-context events	...	domain model
Confirmed tech stack	...	tech stack phase
Expected scale	...	business eval
Team architecture exp.	...	discovery
Compliance requirements	...	business eval
Real-time needs	Yes/No	refined PBI
Integration complexity	Low/Med/High	domain model
Deployment target	...	business eval

Step 2: Derive Architecture Requirements

Map signals to architecture constraints:

Signal	Architecture Requirement	Priority
Many bounded contexts	Clear module boundaries, context isolation	Must
High scale	Horizontal scaling, stateless services, caching strategy	Must
Complex domain	Rich domain model, separation of domain from infra	Must
Cross-context events	Event-driven communication, eventual consistency	Must
Small team	Low ceremony, fewer layers, convention over configuration	Should
Compliance	Audit trail, immutable events, access control layers	Must
Real-time	Event sourcing or pub/sub, WebSocket/SSE support	Should
High integration complexity	Anti-corruption layers, adapter pattern, API gateway	Should

Quality-Attribute Scenarios (quantify — these drive the style choice)

Qualitative "Must/Should" cannot decide between, e.g., modular monolith vs microservices. Capture measurable targets; ask user for any unknown via a direct user question (guess acceptable only when labelled an assumption with confidence %). These targets become ADR-recorded budgets review-architecture Category 9 later checks changes against. — why: a style chosen without numbers is a guess, not an enforceable decision.

Quality attribute	Scenario (stimulus → measurable response)	Target (fill in)
Latency	p95 / p99 response time for the hottest read and write paths	e.g. p99 < 300ms
Throughput	Sustained req/s and peak burst the system must absorb	e.g. 500 rps peak
Availability / SLO	Target uptime and error budget	e.g. 99.9%
Data durability (RPO)	Max acceptable data loss on failure	e.g. ≤ 5 min
Recovery (RTO)	Max acceptable time to restore service	e.g. ≤ 30 min
Data-volume growth	Row/document/event growth → storage, index, partition strategy	e.g. 10M rows/yr
Concurrency	Concurrent users/sessions and contention hot spots	e.g. 2k concurrent
Compliance/retention	Regulated data, retention window, residency, audit	e.g. GDPR, 7yr

Rule: any target left unknown is explicit Unresolved question (Step 11), NEVER a silent omission — an architecture chosen without scale numbers is a guess, not a decision.

MANDATORY IMPORTANT MUST ATTENTION validate derived requirements with user via a direct user question before proceeding.

Step 3: Backend Architecture

3A: Architecture Styles

WebSearch top 3 backend architecture styles. Candidates:

Style	Best For	Research Focus
Clean Architecture	Complex domains, long-lived projects	Dependency rule, testability, flexibility
Hexagonal (Ports+Adapt)	Integration-heavy, multiple I/O adapters	Port contracts, adapter isolation
Vertical Slice	Feature-focused teams, rapid delivery	Slice isolation, code locality
Modular Monolith	Starting simple, eventual decomposition	Module boundaries, migration path
Microservices	Large teams, independent deployment	Service boundaries, operational overhead
CQRS + Event Sourcing	Audit-heavy, complex queries	Read/write separation, event store
Layered (N-Tier)	Simple CRUD, small teams	Layer responsibilities, coupling risk

3B: Backend Design Patterns

Evaluate applicability per layer:

Pattern	Layer	When to Apply
Repository	Data Access	Abstract data store, enable testing
CQRS	Application	Separate read/write models, complex queries
Mediator	Application	Decouple handlers from controllers
Strategy	Domain/App	Multiple interchangeable algorithms
Observer/Events	Domain	Cross-aggregate side effects
Factory	Domain	Complex object creation with invariants
Decorator	Cross-cutting	Add behavior without modifying (logging, caching)
Adapter	Infrastructure	Isolate external dependencies
Specification	Domain	Composable business rules, complex filtering
Unit of Work	Data Access	Transaction management across repositories
Saga/Orchestr.	Cross-service	Distributed transactions, compensating actions
Outbox	Messaging	Reliable event publishing with DB transactions
Circuit Breaker	Infrastructure	External service resilience

Per recommended pattern document: Apply to, Why, Example, Risk if skipped.

Step 4: Frontend Architecture

4A: Architecture Styles

WebSearch top 3 frontend architecture styles. Candidates:

Style	Best For	Research Focus
MVVM	Data-binding heavy, forms-over-data apps	ViewModel responsibility, two-way binding
MVC	Server-rendered, traditional web apps	Controller routing, view separation
Component Architecture	Configured SPA/component framework	Component isolation, props/events, reuse
Reactive Store (Redux)	Complex state, multi-component sync	Single source of truth, immutable state
Signal-based Reactivity	Fine-grained reactivity in frameworks that support signals	Granular updates without broad change detection
Micro Frontends	Multiple teams, independent deployment	Module federation, routing, shared state
Feature-based Modules	Large monolith SPA, lazy loading	Feature boundaries, route-level splitting
Server Components (RSC)	SEO, initial load performance	Server/client boundary, streaming

4B: Frontend Design Patterns

Pattern	Layer	When to Apply
Container/Presentational	Component	Separate logic from UI rendering
Reactive Store	State	Centralized state, cross-component communication
Facade Service	Service	Simplify complex API interactions
Adapter/Mapper	Data	Transform API response to view model
Observer (RxJS)	Async	Event streams, real-time data, debounce/throttle
Strategy (renderers)	UI	Conditional rendering strategies per entity type
Composite (components)	UI	Tree structures, recursive components
Command (undo/redo)	UX	Form wizards, canvas editors, undoable actions
Lazy Loading	Performance	Route/module-level code splitting
Virtual Scrolling	Performance	Large lists, infinite scroll

Step 4B: UI System Architecture

Skip if: Backend-only project, no frontend component.

Research, recommend project design system architecture. Use a direct user question for each decision.

4B-1: Styling Approach

WebSearch top 3 styling approaches for confirmed frontend framework:

Approach	Best For	Research Focus
Utility-first (Tailwind CSS)	Rapid prototyping, design enforcement	JIT, custom config, design tokens
CSS Modules / Scoped CSS	Component isolation, no global conflicts	Naming, composition patterns
SCSS/SASS with BEM	Complex theming, token variables	BEM methodology, mixin libraries
CSS-in-JS	Dynamic styling, theme providers	Runtime perf, SSR support
CSS Custom Properties	Native theming, framework-agnostic	Browser support, fallback strategy

4B-2: Design Token Strategy

Decision	Options	Default
Token format	CSS custom properties / JSON / SCSS variables	CSS custom properties
Token categories	Color, spacing, typography, breakpoints, shadows, z-index	All
Token naming	Semantic (`--color-primary`) vs Functional (`--btn-bg`)	Semantic first
Theming	Light/dark toggle / Multi-brand / Single theme	Single + dark mode

4B-3: Component Library Strategy

Decision	Options	Default
Library	Build custom / Headless (Radix, Headless UI) / Full kit (MUI, Ant, PrimeNG)	Based on team and timeline
Component tiers	Common → Domain-Shared → Page (per ui-wireframe-protocol)	Standard 3-tier
Documentation	Storybook / Docusaurus / In-code only	Based on team size

4B-4: Responsive Strategy

Decision	Options	Default
Approach	Mobile-first / Desktop-first / Adaptive	Mobile-first
Breakpoints	320/768/1024/1280 / Custom	Standard
Grid system	CSS Grid / Flexbox / Framework grid	CSS Grid + Flexbox

MANDATORY IMPORTANT MUST ATTENTION validate all UI system decisions with user via a direct user question before proceeding to Step 5.

Step 5: Library Ecosystem Research

Per concern below, WebSearch top 3 library options for confirmed tech stack. Evaluate: maturity, community, bundle size, maintenance activity, license, learning curve.

MUST ATTENTION never recommend a library from familiarity alone — every pick needs cited evidence (stars, release date, downloads, CVE scan). — why: familiarity bias ships unmaintained or insecure dependencies.

Library Concerns Checklist

Concern	What to Research	Evaluation Criteria
Validation	Input validation, schema validation, form validation	Type safety, composability, error messages
HTTP Client / API Layer	REST client, GraphQL client, API code generation	Interceptors, retry, caching, type generation
State Management	Global store, local state, server state caching	DevTools, SSR support, bundle size
Utilities / Helpers	Date/time, collections, deep clone, string manipulation	Tree-shakability, size, native alternatives
Caching	In-memory cache, distributed cache, HTTP cache, query cache	TTL, invalidation, persistence
Logging	Structured logging, log levels, log aggregation	Structured output, transports, performance
Error Handling	Global error boundary, error tracking, crash reporting	Source maps, breadcrumbs, alerting integration
Authentication / AuthZ	JWT, OAuth, RBAC/ABAC, session management	Standards compliance, SSO, token refresh
File Upload / Storage	Multipart upload, cloud storage SDK, image processing	Streaming, resumable, size limits
Real-time	WebSocket, SSE, SignalR, Socket.io	Reconnection, scaling, protocol support
Internationalization	i18n, l10n, pluralization, date/number formatting	ICU support, lazy loading, extraction tools
PDF / Export	PDF generation, Excel export, CSV	Server-side vs client-side, template support

Per-Library Evaluation Template

### {Concern}: Top 3 Options

| Criteria         | Option A          | Option B | Option C |
| ---------------- | ----------------- | -------- | -------- |
| GitHub Stars     | ...               | ...      | ...      |
| Last Release     | ...               | ...      | ...      |
| Bundle Size      | ...               | ...      | ...      |
| Weekly Downloads | ...               | ...      | ...      |
| License          | ...               | ...      | ...      |
| Maintenance      | Active/Slow/Stale | ...      | ...      |
| Learning Curve   | Low/Med/High      | ...      | ...      |

**Recommendation:** {Option} — Confidence: {X}%

Step 6: Testing Architecture

Research best testing tools, strategy for confirmed tech stack:

Testing Layer	What to Research	Top Candidates to Compare
Unit Testing	Test runner, assertion library, mocking framework	Repository's configured unit-test stack
Integration Testing	API testing, DB testing, service testing	Supertest, TestContainers, WebAppFactory
E2E Testing	Browser automation, BDD, visual regression	Playwright/Cypress/Selenium, SpecFlow
Performance Testing	Load testing, stress testing, benchmarking	k6/Artillery/JMeter/NBomber, BenchmarkDotNet
Contract Testing	API contract validation between services	Pact, Dredd, Spectral
Mutation Testing	Test quality validation	Stryker, PITest
Coverage	Code coverage collection, reporting, enforcement	Istanbul/Coverlet, SonarQube
Test Data	Factories, fixtures, seeders, fakers	Bogus/AutoFixture/Faker.js

Test Strategy Template

### Test Pyramid

- **Unit (70%):** {framework} — {what to test}
- **Integration (20%):** {framework} — {what to test}
- **E2E (10%):** {framework} — {what to test}

### Test-Strength Targets

- Line coverage (diagnostic only — NEVER fail the build on a coverage %): Unit: {X}% | Integration: {X}% | E2E: critical paths only
- Gate: mutation score ({tool}) in CI pipeline — fail build on surviving mutants / mutation-score regression, not on a line-coverage %

Step 7: CI/CD & Deployment

Research deployment architecture, CI/CD tooling:

Concern	What to Research	Top Candidates to Compare
CI/CD Provider	Pipeline orchestration, parallelism, caching	Repository's configured CI/CD tooling
Containerization	Container runtime, image building, registry	Docker/Podman, BuildKit, ACR/ECR/GHCR
Orchestration	Container orchestration, service mesh, scaling	Kubernetes/Docker Compose/ECS/Nomad
IaC (Infra as Code)	Infrastructure provisioning, drift detection	Terraform/Pulumi/Bicep/CDK
Artifact Management	Package registry, versioning, vulnerability scanning	NuGet/npm/Artifactory/GitHub Packages
Feature Flags	Progressive rollout, A/B testing, kill switches	LaunchDarkly/Unleash/Flagsmith
Secret Management	Vault, key rotation, environment variables	Azure KeyVault/HashiCorp Vault/SOPS
Database Migration	Schema versioning, rollback, seed data	EF Migrations/Flyway/Liquibase/dbmate

Deployment Strategy Comparison

Strategy	Risk	Downtime	Complexity	Best For
Blue-Green	Low	Zero	Medium	Critical services
Canary	Low	Zero	High	Gradual rollout
Rolling	Med	Zero	Low	Stateless services
Recreate	High	Yes	Low	Dev/staging environments
Feature Flags	Low	Zero	Medium	Feature-level control

Step 8: Observability & Monitoring

Concern	What to Research	Top Candidates to Compare
Structured Logging	Log format, correlation IDs, log levels, aggregation	Serilog/NLog/Winston/Pino
Log Aggregation	Centralized log search, dashboards, alerts	ELK/Loki+Grafana/Datadog/Seq
Metrics	Application metrics, custom counters, histograms	Prometheus/OpenTelemetry/App Insights
Distributed Tracing	Request tracing across services, span visualization	Jaeger/Zipkin/OpenTelemetry/Tempo
APM	Application performance monitoring, auto-instrumentation	Datadog/New Relic/App Insights/Elastic
Alerting	Threshold alerts, anomaly detection, on-call routing	PagerDuty/OpsGenie/Grafana Alerting
Health Checks	Liveness, readiness, startup probes	AspNetCore.Diagnostics/Terminus
Uptime Monitoring	External availability monitoring, SLA tracking	UptimeRobot/Pingdom/Checkly

Observability Decision: 3 Pillars

### Recommended Observability Stack

| Pillar   | Tool   | Why         |
| -------- | ------ | ----------- |
| Logs     | {tool} | {rationale} |
| Metrics  | {tool} | {rationale} |
| Traces   | {tool} | {rationale} |
| Alerting | {tool} | {rationale} |

Step 9: Code Quality & Clean Code Enforcement

Research, recommend tooling for automated code quality:

Concern	What to Research	Top Candidates to Compare
Linter (Backend)	Static analysis, code style, bug detection	Roslyn Analyzers/SonarQube/StyleCop/ReSharper
Linter (Frontend)	JS/TS linting, accessibility, complexity	ESLint/Biome/oxlint
Formatter	Auto-formatting, consistent style	Prettier/dotnet-format/EditorConfig
Code Analyzer	Security scanning, complexity metrics, duplication	SonarQube/CodeClimate/Codacy
Pre-commit Hooks	Git hooks, staged file validation	Husky+lint-staged/pre-commit/Lefthook
Editor Config	Cross-IDE consistency	.editorconfig/IDE-specific configs
Architecture Rules	Layer dependency enforcement, naming conventions	ArchUnit/NetArchTest/Dependency-Cruiser
API Design Standards	OpenAPI validation, naming, versioning	Spectral/Redocly/swagger-lint
Commit Conventions	Commit message format, changelog generation	Commitlint/Conventional Commits
Code Review Automation	Automated PR review, suggestion bots	Danger.js/Reviewdog/CodeRabbit

Enforcement Strategy

### Code Quality Gates

| Gate        | Tool   | Trigger        | Fail Criteria                                                                         |
| ----------- | ------ | -------------- | ------------------------------------------------------------------------------------- |
| Pre-commit  | {tool} | git commit     | Lint errors, format                                                                   |
| PR Check    | {tool} | Pull request   | Surviving mutants / mutation-score regression, issues (line-coverage diagnostic only) |
| CI Pipeline | {tool} | Push to branch | Build fail, test fail                                                                 |
| Scheduled   | {tool} | Weekly/nightly | Security vulns, debt                                                                  |

Scaffold Handoff (MANDATORY — consumed by `$scaffold`)

After code quality research, produce this handoff table in architecture report. $scaffold reads this table to generate actual config files — without it, scaffold cannot auto-configure quality tooling. — why: the handoff table is the only contract scaffold has for tool choices.

### Scaffold Handoff — Tool Choices

| Concern              | Chosen Tool                                         | Config File | Rationale                                                    |
| -------------------- | --------------------------------------------------- | ----------- | ------------------------------------------------------------ |
| Linter (FE)          | {tool}                                              | {filename}  | {why}                                                        |
| Linter (BE)          | {tool}                                              | {filename}  | {why}                                                        |
| Formatter            | {tool}                                              | {filename}  | {why}                                                        |
| Pre-commit           | {tool}                                              | {filename}  | {why}                                                        |
| Arch rules / fitness | {tool: ArchUnit / NetArchTest / Dependency-Cruiser} | {filename}  | {layer + dependency rules and Step-2 NFR budgets to enforce} |
| Error handling       | {pattern}                                           | {files}     | {why}                                                        |
| Loading state        | {pattern}                                           | {files}     | {why}                                                        |
| Docker               | {compose pattern}                                   | {files}     | {why}                                                        |

Also include: Error handling strategy (4-layer pattern), loading state approach (global vs per-component), Docker profile structure. Specific tool choices → docs/project-reference/ or project-config.json. The Arch rules / fitness row MUST encode Step-2 quality-attribute budgets and layer/dependency rules as executable checks — harness-setup wires these into CI so recorded ADR decisions stay enforced, not merely documented. — why: documented-but-unenforced budgets erode silently as code changes.

Step 10: Dependency Risk Assessment

Per recommended library/package, evaluate maintenance, obsolescence risk:

Package Health Scorecard

Criteria	Score (1-5)	How to Verify
Last Release Date	...	npm/NuGet page — stale if >12 months
Open Issues Ratio	...	GitHub issues open vs closed
Maintainer Count	...	Bus factor — single maintainer = high risk
Breaking Change Freq.	...	Changelog — frequent major versions = churn cost
Dependency Depth	...	`npm ls --depth` / dependency graph depth
Known Vulnerabilities	...	Snyk/npm audit/GitHub Dependabot
License Compatibility	...	SPDX identifier — check viral licenses (GPL)
Community Activity	...	Monthly commits, PR merge rate, Discord/forums
Migration Path	...	Can swap to alternative if abandoned?
Framework Alignment	...	Official recommendation by framework team?

Risk Categories

Risk Level	Criteria	Action
Low	Active, >3 maintainers, recent release, no CVEs	Use freely
Medium	1-2 maintainers, release <6mo, minor CVEs patched	Use with monitoring plan
High	Single maintainer, >12mo stale, open CVEs	Find alternative or plan exit strategy
Critical	Abandoned, unpatched CVEs, deprecated	DO NOT USE — find replacement

Dependency Maintenance Strategy

### Recommended Practices

1. **Automated scanning:** {tool} (Dependabot/Renovate/Snyk) — weekly PR for updates
2. **Lock file strategy:** Commit lock files, pin major versions, allow patch auto-update
3. **Audit schedule:** Monthly `npm audit` / `dotnet list package --vulnerable`
4. **Vendor policy:** Max {N} dependencies per concern, prefer well-maintained alternatives
5. **Exit strategy:** For each High-risk dependency, document migration path to alternative

Step 11: Generate Report

Write report to {plan-dir}/research/architecture-design.md with sections:

Executive summary (recommended architecture in 8-10 lines)
Architecture requirements table (from Step 2)
Backend architecture — style comparison + recommended patterns (Steps 3)
Frontend architecture — style comparison + recommended patterns (Step 4)
Library ecosystem — per-concern recommendations with alternatives (Step 5)
Testing architecture — pyramid, tools, coverage targets (Step 6)
CI/CD & deployment — pipeline design, deployment strategy (Step 7)
Observability stack — 3 pillars + alerting (Step 8)
Code quality — enforcement gates, tooling (Step 9)
Dependency risk matrix — high-risk packages, mitigation (Step 10)
Architecture diagram (Mermaid — showing all layers and data flow)
Risk assessment for overall architecture
Unresolved questions

Emit ADRs for hard-to-reverse decisions (MANDATORY)

For each decision significant AND costly to reverse — backend/frontend style, persistence/consistency model, messaging approach, a Step-2 quality-attribute budget, a rejected-with-reason alternative — write one ADR to docs/adr/{NNNN}-{slug}.md following the repo's existing ADR format (Status, Date, Context, Decision, Consequences [Positive/Negative/Neutral], Alternatives Considered, Related; see docs/adr/0001-skill-lifecycle.md for canonical shape). Start Status: Proposed; promote to Accepted after Step-12 user validation confirms it. These ADRs are the binding record review-architecture Category 9 checks changed code against — a decision not written as an ADR cannot be enforced downstream. Route ADR authoring through the architect sub-agent for cross-service/security/performance impact analysis.

Architecture Diagram Template

```mermaid
graph TB
    subgraph "Frontend"
        UI[SPA / Micro Frontend]
        STORE[State Management]
    end
    subgraph "API Gateway"
        GW[Gateway / BFF]
    end
    subgraph "Backend Services"
        CMD[Commands / Handlers]
        QRY[Queries / Read Models]
        SVC[Domain Services]
        ENT[Entities / Aggregates]
    end
    subgraph "Infrastructure"
        DB[(Database)]
        CACHE[(Cache)]
        MSG[Message Bus]
        SEARCH[(Search Index)]
    end
    subgraph "Observability"
        LOG[Logging]
        METRIC[Metrics]
        TRACE[Tracing]
    end
    subgraph "CI/CD"
        PIPE[Pipeline]
        REG[Container Registry]
        K8S[Orchestration]
    end
    UI --> GW --> CMD & QRY
    CMD --> SVC --> ENT --> DB
    QRY --> CACHE & SEARCH
    ENT -.-> MSG
    CMD & QRY -.-> LOG & METRIC & TRACE
    PIPE --> REG --> K8S
```

Step 12: User Validation Interview

MANDATORY IMPORTANT MUST ATTENTION present findings, ask 8-12 questions via a direct user question:

Required Questions

Backend architecture — "I recommend {style}. Agree?"
Frontend architecture — "I recommend {style} with {state management}. Agree?"
Design patterns — "Recommended backend patterns: {list}. Frontend patterns: {list}. Any to add/remove?"
Key libraries — "For {concern}, I recommend {lib} over {alternatives}. Agree?"
Testing strategy — "Test pyramid: {unit}%/{integration}%/{E2E}% using {frameworks}. Appropriate?"
CI/CD — "Pipeline: {tool} with {deployment strategy}. Fits your infra?"
Observability — "Monitoring stack: {logs}/{metrics}/{traces}. Sufficient?"
Code quality — "Enforcement: {linter + formatter + pre-commit hooks}. Team ready?"
Dependency risk — "Found {N} high-risk dependencies. Accept or find alternatives?"
Complexity check — "This architecture has {N} concerns addressed. Appropriate for team size?"

Optional Deep-Dive Questions (pick 2-3)

"Should we use event sourcing or traditional state-based persistence?"
"Monolith-first or start with service boundaries?"
"Micro frontends or monolith SPA?"
"How important is framework independence for this repository or system?"
"Self-hosted observability or managed SaaS?"
"Strict lint rules from day 1 or gradual adoption?"

After user confirms, update report with final decisions, mark status: confirmed.

Best Practices Audit (applied across all steps)

Validate architecture against these principles — flag violations in report. — why: an unflagged SOLID/DRY violation compounds into rework once code lands on the flaw.

Principle	Check	Status
Single Responsibility (S)	Each class/module has one reason to change	✅/⚠️
Open/Closed (O)	Extensible without modifying existing code	✅/⚠️
Liskov Substitution (L)	Subtypes substitutable for base types	✅/⚠️
Interface Segregation (I)	No forced dependency on unused interfaces	✅/⚠️
Dependency Inversion (D)	High-level modules depend on abstractions, not concretions	✅/⚠️
DRY	No duplicated business logic across layers	✅/⚠️
KISS	Simplest architecture that meets requirements	✅/⚠️
YAGNI	No speculative layers or patterns for future needs	✅/⚠️
Separation of Concerns	Clear boundaries between domain, application, infra	✅/⚠️
IoC / Dependency Injection	All dependencies injected, no `new` in business logic	✅/⚠️
Technical Agnosticism	Domain layer has zero framework/infra dependencies	✅/⚠️
Testability	Architecture supports unit + integration testing	✅/⚠️
12-Factor App	Config in env, stateless processes, port binding	✅/⚠️
Fail-Fast	Validate early, fail with clear errors	✅/⚠️

Output

{plan-dir}/research/architecture-design.md     # Full architecture analysis report
{plan-dir}/phase-02b-architecture.md           # Confirmed architecture decisions
docs/adr/{NNNN}-{slug}.md                       # One ADR per hard-to-reverse decision (see Step 11)

MANDATORY IMPORTANT MUST ATTENTION break work into small todo tasks using task tracking BEFORE starting. MANDATORY IMPORTANT MUST ATTENTION validate EVERY architecture recommendation with user via a direct user question — never auto-decide. MANDATORY IMPORTANT MUST ATTENTION include confidence % and evidence citations for all claims. MANDATORY IMPORTANT MUST ATTENTION add a final review todo task to verify work quality.

Next Steps

MANDATORY IMPORTANT MUST ATTENTION — NO EXCEPTIONS after completing this skill, you MUST ATTENTION use a direct user question to present these options. NEVER skip because the task seems "simple" or "obvious" — the user decides:

"$plan (Recommended)" — Create implementation plan from architecture design
"$refine" — If need to create PBIs first
"Skip, continue manually" — user decides

Council escalation (always-offer, second prompt)

After the existing ## Next Steps prompt above resolves, present a second, independent a direct user question call (NEVER merge into the first):

"Skip council — proceed (Recommended)" — Continue with the architecture decision as-is. Recommended default.
"Escalate to $llm-council" — Run 11 sub-agent council (5 advisors + 5 reviewers + chairman). Use when this architecture pick is hard to reverse and you need adversarial framing. Cheaper alternatives: $why-review, $plan-validate (run these first if you haven't).

Prompt-Enhance Closing Anchors

IMPORTANT MUST ATTENTION follow declared step order for this skill; NEVER skip, reorder, or merge steps without explicit user approval
IMPORTANT MUST ATTENTION for every step/sub-skill call: set in_progress before execution, set completed after execution
IMPORTANT MUST ATTENTION every skipped step MUST include explicit reason; every completed step MUST include concise evidence
IMPORTANT MUST ATTENTION if Task tools unavailable, maintain an equivalent step-by-step plan tracker with synchronized statuses

Anti-Rationalization (reject these excuses)

Excuse the model tells itself	Reality
"I know this stack — skip the 3-options research"	Familiarity ≠ evidence. Research 3+ options with cited proof per concern, every time.
"The architecture is obvious — skip user validation"	Step 12 is MANDATORY. The user owns hard-to-reverse decisions; never auto-decide.
"No scale numbers given, I'll just pick a style"	Missing target = explicit `Unresolved question`, never a silent guess. Quantify via Step-2 first.
"It's a small feature — skip the ADR"	If a decision is significant AND costly to reverse, it needs an ADR or it cannot be enforced.
"Brownfield, but my preferred style is better"	NEVER re-litigate a settled ADR-recorded decision without a superseding-ADR rationale.
"I'll document the budget, enforcement is optional"	Documented-but-unenforced budgets erode. Encode them as executable fitness checks for CI.

Closing Reminders

IMPORTANT MUST ATTENTION Goal: Deliver a complete, evidence-backed, user-validated architecture decision report — every concern researched with 3+ options, every recommendation carrying confidence % + cited evidence, every decision confirmed by the user — so implementation proceeds on sound, owned architectural choices.

IMPORTANT MUST ATTENTION — Protocols in force (concise digest of the SYNC/shared blocks this skill carries):

Critical Thinking: traced file:line proof per claim, confidence >80% to act.
Sequential Thinking: multi-step Thought N/M with REVISION/BRANCH/HYPOTHESIS, confidence closer.
AI Mistake Prevention: verify generated content against evidence, trace downstream references, verify all affected outputs, re-read after context loss, surface ambiguity.

MANDATORY IMPORTANT MUST ATTENTION research min 3 options per architecture concern with cited web evidence (stars, last release, downloads, CVE scan) — NEVER recommend from familiarity alone — why: familiarity bias ships unmaintained or insecure dependencies. MANDATORY IMPORTANT MUST ATTENTION validate decisions with user via a direct user question (Step 12) — NEVER auto-decide a hard-to-reverse choice — why: the user owns hard-to-reverse decisions; the architect proposes, the user confirms. MANDATORY IMPORTANT MUST ATTENTION quantify Step-2 quality-attribute scenarios (latency p95/p99, throughput, SLO, RPO/RTO, growth, concurrency) — any unknown target becomes an explicit Unresolved question, NEVER a silent guess — why: a style chosen without numbers is a guess, not an enforceable decision. MANDATORY IMPORTANT MUST ATTENTION brownfield: FIRST read project reference docs + accepted ADRs, constrain research to the existing stack, and NEVER re-litigate a settled ADR-recorded decision without a superseding-ADR rationale — why: re-deciding a recorded choice churns the codebase and breaks downstream conformance checks. MANDATORY IMPORTANT MUST ATTENTION search 3+ existing patterns/ADRs before proposing any new style or pattern; cite file:line (or URL/benchmark) evidence and a confidence % for EVERY claim — confidence >80% to recommend, <60% DO NOT recommend — why: speculation without proof is forbidden output. MANDATORY IMPORTANT MUST ATTENTION evaluate fit before copying a nearby pattern — closest example ≠ matching preconditions; verify the new context shares the same scale, constraints, and boundaries — why: a pattern lifted into a mismatched context fails silently. MANDATORY IMPORTANT MUST ATTENTION produce the two binding downstream contracts — one ADR per hard-to-reverse decision (review-architecture Cat 9 enforces) AND the Scaffold Handoff tool-choices table (scaffold/harness-setup consume) — a decision not written as an ADR or encoded as an executable fitness check cannot be enforced downstream — why: documented-but-unenforced budgets erode silently as code changes. MANDATORY IMPORTANT MUST ATTENTION break work into small todo tasks using task tracking BEFORE starting; mark one in_progress, mark completed immediately after evidence lands; add a final review todo — why: external task state survives context compaction; memory does not.

Anti-Rationalization (Closing — reject these excuses):

Excuse the model tells itself	Reality
"I know this stack — skip the 3-options research"	Familiarity ≠ evidence. Research 3+ options with cited proof per concern, every time.
"The architecture is obvious — skip user validation"	Step 12 is MANDATORY. The user owns hard-to-reverse decisions; never auto-decide.
"No scale numbers given, I'll just pick a style"	Missing target = explicit `Unresolved question`, never a silent guess. Quantify via Step-2 first.
"Small feature — skip the ADR / fitness check"	Significant AND costly-to-reverse → needs an ADR + executable fitness rule, or it cannot be enforced.
"Brownfield, but my preferred style is better"	NEVER re-litigate a settled ADR-recorded decision without a superseding-ADR rationale.
"Found a nearby pattern, just copy it"	Evaluate fit first — same scale/constraints/boundaries? Closest ≠ matching. Verify before reusing.

MUST ATTENTION apply critical + sequential thinking — every claim needs appropriate traced evidence (file:line for repo/code claims; source URL or artifact section for research, product, content, and docs claims); confidence >80% to act, <60% DO NOT recommend. Anti-hallucination: never present guess as fact, admit uncertainty freely, cross-reference independently, stay skeptical of own confidence.

Critical Thinking Mindset — Apply critical thinking, sequential thinking. Every claim needs traced proof, confidence >80% to act. Anti-hallucination: Never present guess as fact — cite sources for every claim, admit uncertainty freely, self-check output for errors, cross-reference independently, stay skeptical of own confidence — certainty without evidence root of all hallucination.

Sequential Thinking Protocol — Structured multi-step reasoning for complex/ambiguous work. Use when planning, reviewing, debugging, or refining ideas where one-shot reasoning is unsafe.

Trigger when: complex problem decomposition · adaptive plans needing revision · analysis with course correction · unclear/emerging scope · multi-step solutions · hypothesis-driven debugging · cross-cutting trade-off evaluation.

Format (explicit mode — visible thought trail):

Thought N/M: [aspect] — one aspect per thought, state assumptions/uncertainty

Thought N/M [REVISION of Thought K]: ... — when prior reasoning invalidated; state Original / Why revised / Impact

Thought N/M [BRANCH A from Thought K]: ... — explore alternative; converge with decision rationale

Thought N/M [HYPOTHESIS]: ... then [VERIFICATION]: ... — test before acting

Thought N/N [FINAL] — only when verified, all critical aspects addressed, confidence >80%

Mandatory closers: Confidence % stated · Assumptions listed · Open questions surfaced · Next action concrete.

Stop conditions: confidence <80% on any critical decision → escalate via ask the user directly · ≥3 revisions on same thought → re-frame the problem · branch count >3 → split into sub-task.

Implicit mode: apply methodology internally without visible markers when adding markers would clutter the response (routine work where reasoning aids accuracy).

Deep-dive: see $sequential-thinking skill (.claude/skills/sequential-thinking/SKILL.md) for worked examples (API design, debugging, architecture), advanced techniques (spiral refinement, hypothesis testing, convergence), and meta-strategies (uncertainty handling, revision cascades).

AI Mistake Prevention — Failure modes to avoid on every task:

Re-read files after context changes. Context compaction, resume, or long-running work can make memory stale; verify current files before acting. Verify generated content against source evidence. AI hallucinates APIs, names, claims, and document facts. Check the relevant source before documenting or referencing. Check downstream references before deleting or renaming. Removing an artifact can stale docs, generated mirrors, configs, and callers; map references first. Trace the full impact chain after edits. Changing a definition can miss derived outputs and consumers. Follow the affected chain before declaring done. Verify ALL affected outputs, not just the first. One green check is not all green checks; validate every output surface the change can affect. Assume existing values are intentional — ask WHY before changing. Before changing a constant, limit, flag, wording, or pattern, read nearby context and history. Surface ambiguity before acting — don't pick silently. Multiple valid interpretations require an explicit question or stated assumption with risk. Keep shared guidance role-relevant. Universal guidance must help every receiving skill or agent; code-specific obligations belong only in code-specific protocols.

MANDATORY IMPORTANT MUST ATTENTION use task tracking to break ALL work into small tasks BEFORE starting. MANDATORY IMPORTANT MUST ATTENTION use a direct user question at EVERY decision point — never assume user preferences. MANDATORY IMPORTANT MUST ATTENTION research top 3 options per architecture concern, compare with evidence, present report with recommendation + confidence %.

External Memory: For complex or lengthy work (research, analysis, scan, review), write intermediate findings and final results to a report file in plans/reports/ — prevents context loss and serves as deliverable.

Evidence Gate: MANDATORY IMPORTANT MUST ATTENTION — every claim, finding, and recommendation requires file:line proof or traced evidence with confidence percentage (>80% to act, <80% must verify first).

MUST ATTENTION apply sequential-thinking — multi-step Thought N/M, REVISION/BRANCH/HYPOTHESIS markers, confidence % closer; see $sequential-thinking skill.

MUST ATTENTION apply AI mistake prevention — verify generated content against evidence, trace downstream references before deleting or renaming, verify all affected outputs, re-read files after context loss, and surface ambiguity before acting.

[TASK-PLANNING] Before acting, analyze task scope and systematically break it into small todo tasks and sub-tasks using task tracking.

[IMPORTANT] Analyze how big the task is and break it into many small todo tasks systematically before starting — this is very important.

Hookless Prompt Protocol Mirror (Auto-Synced)

Source: .claude/.ck.json + .claude/skills/shared/sync-inline-versions.md (:full blocks) + .claude/scripts/lib/hookless-prompt-protocol.cjs

[WORKFLOW-EXECUTION-PROTOCOL] [BLOCKING] Workflow Execution Protocol — MANDATORY IMPORTANT MUST CRITICAL. Do not skip for any reason.

Generic portability boundary: Reusable skills and protocol text stay project-neutral; project-specific conventions are discovered from docs/project-config.json and docs/project-reference/. Apply shared AI-SDD from shared/sdd-artifact-contract.md. Read docs/project-config.json and docs/project-reference/docs-index-reference.md, then open the project reference docs named there. For spec, test-case, behavior-change, public-contract, or docs/specs/ work, route through the local spec docs named by the docs index: feature-spec-reference.md, spec-system-reference.md, spec-principles.md, and workflow-spec-test-code-cycle-reference.md when specs/tests/code must stay synchronized. If either file or a required reference doc is missing or stale, auto-run $project-init (or the narrow lower-level route such as $project-config, $docs-init, $scan-all, or $scan --target=<key>) before ordinary project-specific work. Any supported AI tool may execute when this shared context and local docs are available.

DETECT: If the prompt starts with an explicit slash skill/workflow command, execute it directly. Otherwise match the prompt against the workflow catalog and skill list.
ANALYZE: Choose the best option: execute directly, invoke a skill, activate a standard workflow, or compose a custom step combination.
AUTO-SELECT: Pick the best option yourself. Do not ask the user to choose between direct execution, skill, standard workflow, or custom workflow.
ACTIVATE: For a selected workflow, call $start-workflow <workflowId>; for a selected skill, invoke that skill; for a custom workflow, sequence custom steps directly; for direct execution, proceed with the task.
CREATE TASKS: task tracking for ALL workflow/skill/custom steps before execution when the selected path has multiple steps.
EXECUTE: Advance per the Workflow Step Advancement & Parallel Phases rule in your context instructions — model-driven; a sub-agent completion advances a step identically to an inline call; a parallel-phase group is an all-return barrier (advance only after ALL members return, never serialize it)

Shared AI-SDD Protocol Markers

Source: .claude/skills/shared/sync-inline-versions.md

SYNC:ai-sdd-artifact-contract

AI-SDD Artifact Contract — Shared spec-driven development rules stay portable and source-owned.

Keep reusable AI-SDD principles in .claude; put repository-specific paths, commands, owners, products, and formats in project config/reference docs.

Preserve cycle: spec -> plan -> tasks -> implement -> verify -> update spec/docs.

Trace every requirement or invariant through decision, task, TC/test, source evidence, and docs/spec update.

Treat code-to-spec extraction as reference-only until accepted by the canonical spec owner.

Any supported AI tool may plan, implement, review, or verify with synced context; using multiple tools is optional.

Update .claude source first, then sync generated mirrors; do not manually edit .agents, .codex, or AGENTS.md. — why: mirrors are generated artifacts; hand-edits are overwritten on the next sync

If docs/project-config.json, root instruction files, or a required project-reference doc is missing or stale, auto-run $project-init or the narrow lower-level route before ordinary project-specific work.

Active reference: shared/sdd-artifact-contract.md in the active skills root.

SYNC:ai-sdd-artifact-contract:reminder

MANDATORY Apply shared/sdd-artifact-contract.md; keep reusable AI-SDD in .claude and local rules in project docs.
MANDATORY Code-to-spec extraction is reference-only until canonical acceptance; any supported AI tool may execute with synced context.
MANDATORY Update .claude source before syncing generated mirrors; do not manually edit .agents, .codex, or AGENTS.md.
MANDATORY Missing or stale project config, root instruction files, or required reference docs route project-specific work through $project-init or the narrow setup route automatically. [TASK-PLANNING] [MANDATORY] BEFORE executing any workflow or skill step, create/update task tracking for all planned steps, then keep it synchronized as each step starts/completes.

[LESSON-LEARNED-REMINDER] [BLOCKING] Task Planning & Continuous Improvement — MANDATORY. Do not skip.

Break work into small tasks (task tracking) before starting. Add final task: "Analyze AI mistakes & lessons learned".

Extract lessons — ROOT CAUSE ONLY, not symptom fixes:

Name the FAILURE MODE (reasoning/assumption failure), not symptom — "assumed API existed without reading source" not "used wrong enum value".
Generality test: does this failure mode apply to ≥3 contexts/codebases? If not, abstract one level up.
Write as a universal rule — strip project-specific names/paths/classes. Useful on any codebase.
Consolidate: multiple mistakes sharing one failure mode → ONE lesson.
Recurrence gate: "Would this recur in future session WITHOUT this reminder?" — No → skip $learn.
Auto-fix gate: "Could $code-review/$code-simplifier/$security-review/$lint catch this?" — Yes → improve review skill instead.
BOTH gates pass → ask user to run $learn. [CRITICAL-THINKING-MINDSET] Apply critical thinking, sequential thinking. Every claim needs traced proof, confidence >80% to act. Anti-hallucination principle: Never present guess as fact — cite sources for every claim, admit uncertainty freely, self-check output for errors, cross-reference independently, stay skeptical of own confidence — certainty without evidence root of all hallucination. AI Attention principle (Primacy-Recency): Put the 3 most critical rules at both top and bottom of long prompts/protocols so instruction adherence survives long context windows. Goal-driven execution: Define success criteria first, loop until verified, and stop only when observable checks pass. Tests verify intent: Tests must protect business rules/invariants and fail when the protected intent breaks, not only mirror current behavior.

Common AI Mistake Prevention (System Lessons)

Re-read files after context compaction. Edit requires prior Read in same context; compaction wipes read state. Re-read before editing.
Grep for old terms after bulk replacements. AI over-trusts find/replace completeness. Grep full repo after bulk edits for missed refs in docs/configs/catalogs.
Check downstream references before deleting. Deletions cascade doc/code staleness. Map referencing files before removal.
After memory loss, check existing state before creating new. Compaction wipes prior-work memory. Query current state to resume — never blindly duplicate.
Verify AI-generated content against actual code. AI hallucinates APIs, class names, method signatures. Grep to confirm existence before documenting/referencing.
Trace full dependency chain after edits. Changing a definition misses downstream consumers. Trace the full chain.
When renaming, grep ALL consumer file types. Some file types silently ignore missing refs (no compile error). Search code, templates, configs, generated files.
Trace ALL code paths when verifying correctness. Code existing ≠ code executing. Trace early exits, error branches, conditional skips — not just happy path.
Update docs that embed canonical data when source changes. Docs inlining derived data (workflows, schemas, configs) go stale silently. Update all embedding docs alongside source.
Verify sub-agent results after context recovery. Background agents may finish while parent compacted — grep-verify output, don't trust assumed completion.
Cross-check full target list against sub-agent assignments. Parallel sub-agents by category miss boundary items. Reconcile union of assignments against target list before proceeding.
Sub-agents inherit knowledge only from their agent .md definition — use custom agent types, not built-in Explore. Tool adoption = permission + knowledge + enforcement (numbered workflow step).
Persist sub-agent findings incrementally, not as a final batch. Long sub-agents hit cutoffs before final write — findings lost. Instruct append-per-section to report file.
When debugging, ask "whose responsibility?" before fixing. Trace caller (wrong data) vs callee (wrong handling). Fix at responsible layer — never patch symptom site.
Grep ALL removed names after extraction/refactoring. Primary file "done" ≠ secondary files clean. Grep entire scope for every removed symbol before declaring complete.
Assume existing values are intentional — ask WHY before changing. Pattern-matching as "wrong" skips context. Before changing any constant/limit/flag: read comments, git blame, surrounding code.
Verify ALL affected outputs, not just the first. One build green ≠ all green. Multi-stack changes (backend/frontend/tests/docs) require verifying EVERY output.
Evaluate fit before copying a nearby pattern. Closest example ≠ matching preconditions — verify the new context shares the same constraints, base classes, scope, lifetime.
Holistic-first debugging — resist nearest-attention trap. Don't dive into first plausible cause. List EVERY precondition (config, env vars, paths, DB, endpoints, creds, versions, DI, data). Verify each against evidence (grep/query — not reasoning). Ask "what would falsify this?" — if nothing, it's not a hypothesis. Most expensive failure: going deeper in "obvious" layer while bug sits in layer never questioned.
Surgical changes — apply the diff test (context-aware). Two modes: (1) Bug fix → every line traces to the bug; no restyling; orphan cleanup only for imports YOUR changes made unused. (2) Review/enhancement → implement improvements AND announce as "Enhancement beyond main request: [what]". Never silently scope-creep. Diff test: "Would this line exist if I wasn't asked to do X?" — if no, delete or announce.
Surface ambiguity before coding — don't pick silently. Multiple valid interpretations → present each with effort: "[Request] could mean (1) [N h], (2) [N h]. Which matters?" List scope/format/volume/constraints assumptions first. If simpler path exists, say so. Never silently pick.
[MANDATORY FIRST ACTION] ALWAYS activate a suitable skill or workflow BEFORE responding. Match task against workflow catalog + skill list; invoke via skill invocation or $start-workflow <workflowId>. NEVER answer or write code before checking. Skip = protocol violation.
Why-Review adversarial mindset — apply when reviewing any plan, decision, or design. Default SKEPTIC not VALIDATOR: steel-man a rejected alternative, invert each stated reason ("what does it sacrifice?"), stress-test top 2-3 assumptions, run pre-mortem ("ships, fails in 3 months — what breaks?"), surface 1-2 alternatives author missed. Section presence ≠ quality; quality = causal reasoning + concrete mitigations + evidence, not "it's better" or "monitor closely".
Front-load report-write in sub-agent prompts for large reviews. Many-file sub-agents hit budget before final write — findings lost. Design prompts so: (1) report-write is first explicit deliverable, (2) append per-file/section (not batched), (3) scope bounded so reads don't exhaust budget. Truncated mid-sentence with no report file → spawn narrower scope, don't retry same prompt.
After context compaction, re-verify all prior phase outcomes before continuing. Summaries describe intent, not environment state (git index, filesystem, processes). On resume, FIRST audit: git status, re-read modified files, verify filesystem. Every "completed" claim is an untested hypothesis until evidence confirms.
OOM/memory: check row count before row size. Triage: (1) Unbounded query — no DB filter for trigger? Push filter to DB; eliminates OOM. (2) Large rows? Projection reduces proportionally. Row reduction > projection in ROI.
Keep domain concepts out of generic/shared/infrastructure layers. Reusable layer (shared library, framework, infra module) must reference NO consumer-specific domain concept — tenant/customer/product IDs, business entities, feature rules. Leak compiles + runs → passes review silently while coupling the "reusable" layer to one consumer. Keep shared type domain-free; push domain fields/logic down into the consumer via subclass/composition. — why: a layer coupled to one consumer's domain is no longer reusable.

name	architecture-design
description	[Architecture] Use when designing solution architecture across backend, frontend, deployment, monitoring, testing, and code quality.

Codex compatibility note:

Invoke repository skills with $skill-name in Codex; this mirrored copy rewrites legacy Claude /skill-name references.

Task tracker mandate: BEFORE executing any workflow or skill step, create/update task tracking for all steps and keep it synchronized as progress changes.

User-question prompts mean to ask the user directly in Codex.

Ignore Claude-specific mode-switch instructions when they appear.

Strict execution contract: when a user explicitly invokes a skill, execute that skill protocol as written.

Subagent authorization: when a skill is user-invoked or AI-detected and its protocol requires subagents, that skill activation authorizes use of the required spawn_agent subagent(s) for that task.

Do not skip, reorder, or merge protocol steps unless the user explicitly approves the deviation first.

For workflow skills, execute each listed child-skill step explicitly and report step-by-step evidence.

If a required step/tool cannot run in this environment, stop and ask the user before adapting.

Codex Project-Reference Loading (No Hooks)

Codex uses static project-reference loading instead of runtime-injected project docs. When coding, planning, debugging, testing, or reviewing, open project docs explicitly using this routing.

Always read:

docs/project-config.json (project-specific paths, commands, modules, and workflow/test settings)
docs/project-reference/docs-index-reference.md (routes to the full docs/project-reference/* catalog)
docs/project-reference/lessons.md (always-on guardrails and anti-patterns)

Situation-based docs:

Backend/CQRS/API/domain/entity changes: backend-patterns-reference.md, domain-entities-reference.md, project-structure-reference.md
Frontend/UI/styling/design-system: frontend-patterns-reference.md, scss-styling-guide.md, design-system/README.md
Spec authoring, docs/specs/ pathing, or TC format: feature-spec-reference.md, spec-system-reference.md, spec-principles.md
Behavior/public-contract changes or spec-test-code sync: workflow-spec-test-code-cycle-reference.md plus the spec docs above
Derived spec indexes/ERDs/reimplementation guides: spec-system-reference.md and source Feature Specs under docs/specs/
Integration test implementation/review: integration-test-reference.md
E2E test implementation/review: e2e-test-reference.md
Code review/audit work: code-review-rules.md plus domain docs above based on changed files

Do not read all docs blindly. Start from docs-index-reference.md, then open only relevant files for the task.

[BLOCKING] Execute skill steps in declared order. NEVER skip, reorder, or merge steps without explicit user approval. [BLOCKING] Before each step or sub-skill call, update task tracking: set in_progress when step starts, set completed when step ends. [BLOCKING] Every completed/skipped step MUST include brief evidence or explicit skip reason. [BLOCKING] If Task tools are unavailable, create and maintain an equivalent step-by-step plan tracker with the same status transitions.

Quick Summary

Summary:

Decide mode FIRST (Step 1): greenfield researches every concern from scratch; brownfield reads reference docs + accepted ADRs and constrains research to the existing stack — NEVER re-litigate a settled ADR-recorded decision without a superseding-ADR rationale.
Drive the style choice with NUMBERS, not adjectives: quantify Step-2 quality-attribute scenarios (latency p95/p99, throughput, SLO, RPO/RTO, data growth, concurrency); any unknown target becomes an explicit Unresolved question, never a silent guess.
Every concern needs 3+ researched options with cited evidence (stars, last release, downloads, CVE scan) + a confidence % — familiarity alone is never sufficient grounds for a recommendation.
Produce the two binding downstream contracts and you're done; skip either and the chain breaks: emit an ADR per hard-to-reverse decision (review-architecture Cat 9 enforces it) and the Scaffold Handoff tool-choices table (scaffold/harness-setup consume it), then run the MANDATORY Step-12 user-validation interview before confirming.

Workflow (12 steps):

Load Context — Read domain model, tech stack, business evaluation, refined PBI
Derive Architecture Requirements — Map business/domain complexity to architecture constraints
Backend Architecture — Research top 3 backend architecture styles + design patterns
Frontend Architecture — Research top 3 frontend architecture styles + design patterns
Library Ecosystem Research — Best-practice libraries per concern (validation, caching, logging, utils, etc.)
Testing Architecture — Unit, integration, E2E, performance testing frameworks + strategy
CI/CD & Deployment — Pipeline design, containerization, orchestration, IaC
Observability & Monitoring — Logging, metrics, tracing, alerting stack
Code Quality & Clean Code — Linters, analyzers, formatters, enforcement tooling
Dependency Risk Assessment — Package health, obsolescence risk, maintenance cost
Generate Report — Full architecture decision report with all recommendations
User Validation — Present findings, ask 8-12 questions, confirm all decisions

Key Rules:

MANDATORY IMPORTANT MUST ATTENTION research minimum 3 options per architecture concern with web evidence
MANDATORY IMPORTANT MUST ATTENTION include confidence % with evidence for every recommendation
MANDATORY IMPORTANT MUST ATTENTION run user validation interview at end (never skip)
Delegate to solution-architect agent for complex architecture decisions
All claims must cite sources (URL, benchmark, case study, or codebase evidence)
Base every recommendation on evidence, never on familiarity alone

Be skeptical. Apply critical thinking, sequential thinking. Every claim needs traced proof, confidence percentages (Idea should be more than 80%).

Inputs & Handoffs (consume vs produce)

Consumes (read, don't re-derive)	From	Produces (named deliverable)	Consumed by
Bounded contexts, aggregates, domain events, ERD	`domain-analysis`	Architecture decision report (`{plan-dir}/research/...`)	`plan`, `plan-execute`
Confirmed languages/frameworks/databases	`tech-stack-research`	Confirmed decisions (`{plan-dir}/phase-02b-architecture.md`)	`plan`, `scaffold`
Expected scale, compliance, budget constraints	`business-evaluation`	Scaffold Handoff table (tooling + fitness rules)	`scaffold`, `harness-setup`
Existing stack/patterns/ADRs (brownfield)	reference docs, `docs/adr/**`	ADRs for hard-to-reverse decisions (`docs/adr/`)	`review-architecture` (conformance)

Step 1: Load Context

Mode (decide first): Greenfield (new project, e.g. via workflow-greenfield-init) → research every concern from scratch, full 3-options-per-concern. Brownfield (large feature in existing codebase, e.g. workflow-big-feature) → FIRST read project reference docs + accepted ADRs, constrain research to existing stack/patterns, propose changes only where new requirement genuinely outgrows them — NEVER re-litigate settled ADR-recorded decision without superseding-ADR rationale. — why: re-deciding a recorded choice churns the codebase and breaks downstream conformance checks.

Read artifacts from prior workflow steps (search plans/ and team-artifacts/):

Domain model / ERD (complexity, bounded contexts, aggregate count)
Tech stack decisions (confirmed languages, frameworks, databases)
Business evaluation (scale, constraints, compliance)
Refined PBI (scope, acceptance criteria)
Discovery interview (team skills, experience level)

Extract, summarize:

Signal	Value	Source
Bounded contexts	...	domain model
Aggregate count	...	domain model
Cross-context events	...	domain model
Confirmed tech stack	...	tech stack phase
Expected scale	...	business eval
Team architecture exp.	...	discovery
Compliance requirements	...	business eval
Real-time needs	Yes/No	refined PBI
Integration complexity	Low/Med/High	domain model
Deployment target	...	business eval

Step 2: Derive Architecture Requirements

Map signals to architecture constraints:

Signal	Architecture Requirement	Priority
Many bounded contexts	Clear module boundaries, context isolation	Must
High scale	Horizontal scaling, stateless services, caching strategy	Must
Complex domain	Rich domain model, separation of domain from infra	Must
Cross-context events	Event-driven communication, eventual consistency	Must
Small team	Low ceremony, fewer layers, convention over configuration	Should
Compliance	Audit trail, immutable events, access control layers	Must
Real-time	Event sourcing or pub/sub, WebSocket/SSE support	Should
High integration complexity	Anti-corruption layers, adapter pattern, API gateway	Should

Quality-Attribute Scenarios (quantify — these drive the style choice)

Quality attribute	Scenario (stimulus → measurable response)	Target (fill in)
Latency	p95 / p99 response time for the hottest read and write paths	e.g. p99 < 300ms
Throughput	Sustained req/s and peak burst the system must absorb	e.g. 500 rps peak
Availability / SLO	Target uptime and error budget	e.g. 99.9%
Data durability (RPO)	Max acceptable data loss on failure	e.g. ≤ 5 min
Recovery (RTO)	Max acceptable time to restore service	e.g. ≤ 30 min
Data-volume growth	Row/document/event growth → storage, index, partition strategy	e.g. 10M rows/yr
Concurrency	Concurrent users/sessions and contention hot spots	e.g. 2k concurrent
Compliance/retention	Regulated data, retention window, residency, audit	e.g. GDPR, 7yr

Rule: any target left unknown is explicit Unresolved question (Step 11), NEVER a silent omission — an architecture chosen without scale numbers is a guess, not a decision.

MANDATORY IMPORTANT MUST ATTENTION validate derived requirements with user via a direct user question before proceeding.

Step 3: Backend Architecture

3A: Architecture Styles

WebSearch top 3 backend architecture styles. Candidates:

Style	Best For	Research Focus
Clean Architecture	Complex domains, long-lived projects	Dependency rule, testability, flexibility
Hexagonal (Ports+Adapt)	Integration-heavy, multiple I/O adapters	Port contracts, adapter isolation
Vertical Slice	Feature-focused teams, rapid delivery	Slice isolation, code locality
Modular Monolith	Starting simple, eventual decomposition	Module boundaries, migration path
Microservices	Large teams, independent deployment	Service boundaries, operational overhead
CQRS + Event Sourcing	Audit-heavy, complex queries	Read/write separation, event store
Layered (N-Tier)	Simple CRUD, small teams	Layer responsibilities, coupling risk

3B: Backend Design Patterns

Evaluate applicability per layer:

Pattern	Layer	When to Apply
Repository	Data Access	Abstract data store, enable testing
CQRS	Application	Separate read/write models, complex queries
Mediator	Application	Decouple handlers from controllers
Strategy	Domain/App	Multiple interchangeable algorithms
Observer/Events	Domain	Cross-aggregate side effects
Factory	Domain	Complex object creation with invariants
Decorator	Cross-cutting	Add behavior without modifying (logging, caching)
Adapter	Infrastructure	Isolate external dependencies
Specification	Domain	Composable business rules, complex filtering
Unit of Work	Data Access	Transaction management across repositories
Saga/Orchestr.	Cross-service	Distributed transactions, compensating actions
Outbox	Messaging	Reliable event publishing with DB transactions
Circuit Breaker	Infrastructure	External service resilience

Per recommended pattern document: Apply to, Why, Example, Risk if skipped.

Step 4: Frontend Architecture

4A: Architecture Styles

WebSearch top 3 frontend architecture styles. Candidates:

Style	Best For	Research Focus
MVVM	Data-binding heavy, forms-over-data apps	ViewModel responsibility, two-way binding
MVC	Server-rendered, traditional web apps	Controller routing, view separation
Component Architecture	Configured SPA/component framework	Component isolation, props/events, reuse
Reactive Store (Redux)	Complex state, multi-component sync	Single source of truth, immutable state
Signal-based Reactivity	Fine-grained reactivity in frameworks that support signals	Granular updates without broad change detection
Micro Frontends	Multiple teams, independent deployment	Module federation, routing, shared state
Feature-based Modules	Large monolith SPA, lazy loading	Feature boundaries, route-level splitting
Server Components (RSC)	SEO, initial load performance	Server/client boundary, streaming

4B: Frontend Design Patterns

Pattern	Layer	When to Apply
Container/Presentational	Component	Separate logic from UI rendering
Reactive Store	State	Centralized state, cross-component communication
Facade Service	Service	Simplify complex API interactions
Adapter/Mapper	Data	Transform API response to view model
Observer (RxJS)	Async	Event streams, real-time data, debounce/throttle
Strategy (renderers)	UI	Conditional rendering strategies per entity type
Composite (components)	UI	Tree structures, recursive components
Command (undo/redo)	UX	Form wizards, canvas editors, undoable actions
Lazy Loading	Performance	Route/module-level code splitting
Virtual Scrolling	Performance	Large lists, infinite scroll

Step 4B: UI System Architecture

Skip if: Backend-only project, no frontend component.

Research, recommend project design system architecture. Use a direct user question for each decision.

4B-1: Styling Approach

WebSearch top 3 styling approaches for confirmed frontend framework:

Approach	Best For	Research Focus
Utility-first (Tailwind CSS)	Rapid prototyping, design enforcement	JIT, custom config, design tokens
CSS Modules / Scoped CSS	Component isolation, no global conflicts	Naming, composition patterns
SCSS/SASS with BEM	Complex theming, token variables	BEM methodology, mixin libraries
CSS-in-JS	Dynamic styling, theme providers	Runtime perf, SSR support
CSS Custom Properties	Native theming, framework-agnostic	Browser support, fallback strategy

4B-2: Design Token Strategy

Decision	Options	Default
Token format	CSS custom properties / JSON / SCSS variables	CSS custom properties
Token categories	Color, spacing, typography, breakpoints, shadows, z-index	All
Token naming	Semantic (`--color-primary`) vs Functional (`--btn-bg`)	Semantic first
Theming	Light/dark toggle / Multi-brand / Single theme	Single + dark mode

4B-3: Component Library Strategy

Decision	Options	Default
Library	Build custom / Headless (Radix, Headless UI) / Full kit (MUI, Ant, PrimeNG)	Based on team and timeline
Component tiers	Common → Domain-Shared → Page (per ui-wireframe-protocol)	Standard 3-tier
Documentation	Storybook / Docusaurus / In-code only	Based on team size

4B-4: Responsive Strategy

Decision	Options	Default
Approach	Mobile-first / Desktop-first / Adaptive	Mobile-first
Breakpoints	320/768/1024/1280 / Custom	Standard
Grid system	CSS Grid / Flexbox / Framework grid	CSS Grid + Flexbox

MANDATORY IMPORTANT MUST ATTENTION validate all UI system decisions with user via a direct user question before proceeding to Step 5.

Step 5: Library Ecosystem Research

Per concern below, WebSearch top 3 library options for confirmed tech stack. Evaluate: maturity, community, bundle size, maintenance activity, license, learning curve.

MUST ATTENTION never recommend a library from familiarity alone — every pick needs cited evidence (stars, release date, downloads, CVE scan). — why: familiarity bias ships unmaintained or insecure dependencies.

Library Concerns Checklist

Concern	What to Research	Evaluation Criteria
Validation	Input validation, schema validation, form validation	Type safety, composability, error messages
HTTP Client / API Layer	REST client, GraphQL client, API code generation	Interceptors, retry, caching, type generation
State Management	Global store, local state, server state caching	DevTools, SSR support, bundle size
Utilities / Helpers	Date/time, collections, deep clone, string manipulation	Tree-shakability, size, native alternatives
Caching	In-memory cache, distributed cache, HTTP cache, query cache	TTL, invalidation, persistence
Logging	Structured logging, log levels, log aggregation	Structured output, transports, performance
Error Handling	Global error boundary, error tracking, crash reporting	Source maps, breadcrumbs, alerting integration
Authentication / AuthZ	JWT, OAuth, RBAC/ABAC, session management	Standards compliance, SSO, token refresh
File Upload / Storage	Multipart upload, cloud storage SDK, image processing	Streaming, resumable, size limits
Real-time	WebSocket, SSE, SignalR, Socket.io	Reconnection, scaling, protocol support
Internationalization	i18n, l10n, pluralization, date/number formatting	ICU support, lazy loading, extraction tools
PDF / Export	PDF generation, Excel export, CSV	Server-side vs client-side, template support

Per-Library Evaluation Template

### {Concern}: Top 3 Options

| Criteria         | Option A          | Option B | Option C |
| ---------------- | ----------------- | -------- | -------- |
| GitHub Stars     | ...               | ...      | ...      |
| Last Release     | ...               | ...      | ...      |
| Bundle Size      | ...               | ...      | ...      |
| Weekly Downloads | ...               | ...      | ...      |
| License          | ...               | ...      | ...      |
| Maintenance      | Active/Slow/Stale | ...      | ...      |
| Learning Curve   | Low/Med/High      | ...      | ...      |

**Recommendation:** {Option} — Confidence: {X}%

Step 6: Testing Architecture

Research best testing tools, strategy for confirmed tech stack:

Testing Layer	What to Research	Top Candidates to Compare
Unit Testing	Test runner, assertion library, mocking framework	Repository's configured unit-test stack
Integration Testing	API testing, DB testing, service testing	Supertest, TestContainers, WebAppFactory
E2E Testing	Browser automation, BDD, visual regression	Playwright/Cypress/Selenium, SpecFlow
Performance Testing	Load testing, stress testing, benchmarking	k6/Artillery/JMeter/NBomber, BenchmarkDotNet
Contract Testing	API contract validation between services	Pact, Dredd, Spectral
Mutation Testing	Test quality validation	Stryker, PITest
Coverage	Code coverage collection, reporting, enforcement	Istanbul/Coverlet, SonarQube
Test Data	Factories, fixtures, seeders, fakers	Bogus/AutoFixture/Faker.js

Test Strategy Template

### Test Pyramid

- **Unit (70%):** {framework} — {what to test}
- **Integration (20%):** {framework} — {what to test}
- **E2E (10%):** {framework} — {what to test}

### Test-Strength Targets

- Line coverage (diagnostic only — NEVER fail the build on a coverage %): Unit: {X}% | Integration: {X}% | E2E: critical paths only
- Gate: mutation score ({tool}) in CI pipeline — fail build on surviving mutants / mutation-score regression, not on a line-coverage %

Step 7: CI/CD & Deployment

Research deployment architecture, CI/CD tooling:

Concern	What to Research	Top Candidates to Compare
CI/CD Provider	Pipeline orchestration, parallelism, caching	Repository's configured CI/CD tooling
Containerization	Container runtime, image building, registry	Docker/Podman, BuildKit, ACR/ECR/GHCR
Orchestration	Container orchestration, service mesh, scaling	Kubernetes/Docker Compose/ECS/Nomad
IaC (Infra as Code)	Infrastructure provisioning, drift detection	Terraform/Pulumi/Bicep/CDK
Artifact Management	Package registry, versioning, vulnerability scanning	NuGet/npm/Artifactory/GitHub Packages
Feature Flags	Progressive rollout, A/B testing, kill switches	LaunchDarkly/Unleash/Flagsmith
Secret Management	Vault, key rotation, environment variables	Azure KeyVault/HashiCorp Vault/SOPS
Database Migration	Schema versioning, rollback, seed data	EF Migrations/Flyway/Liquibase/dbmate

Deployment Strategy Comparison

Strategy	Risk	Downtime	Complexity	Best For
Blue-Green	Low	Zero	Medium	Critical services
Canary	Low	Zero	High	Gradual rollout
Rolling	Med	Zero	Low	Stateless services
Recreate	High	Yes	Low	Dev/staging environments
Feature Flags	Low	Zero	Medium	Feature-level control

Step 8: Observability & Monitoring

Concern	What to Research	Top Candidates to Compare
Structured Logging	Log format, correlation IDs, log levels, aggregation	Serilog/NLog/Winston/Pino
Log Aggregation	Centralized log search, dashboards, alerts	ELK/Loki+Grafana/Datadog/Seq
Metrics	Application metrics, custom counters, histograms	Prometheus/OpenTelemetry/App Insights
Distributed Tracing	Request tracing across services, span visualization	Jaeger/Zipkin/OpenTelemetry/Tempo
APM	Application performance monitoring, auto-instrumentation	Datadog/New Relic/App Insights/Elastic
Alerting	Threshold alerts, anomaly detection, on-call routing	PagerDuty/OpsGenie/Grafana Alerting
Health Checks	Liveness, readiness, startup probes	AspNetCore.Diagnostics/Terminus
Uptime Monitoring	External availability monitoring, SLA tracking	UptimeRobot/Pingdom/Checkly

Observability Decision: 3 Pillars

### Recommended Observability Stack

| Pillar   | Tool   | Why         |
| -------- | ------ | ----------- |
| Logs     | {tool} | {rationale} |
| Metrics  | {tool} | {rationale} |
| Traces   | {tool} | {rationale} |
| Alerting | {tool} | {rationale} |

Step 9: Code Quality & Clean Code Enforcement

Research, recommend tooling for automated code quality:

Concern	What to Research	Top Candidates to Compare
Linter (Backend)	Static analysis, code style, bug detection	Roslyn Analyzers/SonarQube/StyleCop/ReSharper
Linter (Frontend)	JS/TS linting, accessibility, complexity	ESLint/Biome/oxlint
Formatter	Auto-formatting, consistent style	Prettier/dotnet-format/EditorConfig
Code Analyzer	Security scanning, complexity metrics, duplication	SonarQube/CodeClimate/Codacy
Pre-commit Hooks	Git hooks, staged file validation	Husky+lint-staged/pre-commit/Lefthook
Editor Config	Cross-IDE consistency	.editorconfig/IDE-specific configs
Architecture Rules	Layer dependency enforcement, naming conventions	ArchUnit/NetArchTest/Dependency-Cruiser
API Design Standards	OpenAPI validation, naming, versioning	Spectral/Redocly/swagger-lint
Commit Conventions	Commit message format, changelog generation	Commitlint/Conventional Commits
Code Review Automation	Automated PR review, suggestion bots	Danger.js/Reviewdog/CodeRabbit

Enforcement Strategy

### Code Quality Gates

| Gate        | Tool   | Trigger        | Fail Criteria                                                                         |
| ----------- | ------ | -------------- | ------------------------------------------------------------------------------------- |
| Pre-commit  | {tool} | git commit     | Lint errors, format                                                                   |
| PR Check    | {tool} | Pull request   | Surviving mutants / mutation-score regression, issues (line-coverage diagnostic only) |
| CI Pipeline | {tool} | Push to branch | Build fail, test fail                                                                 |
| Scheduled   | {tool} | Weekly/nightly | Security vulns, debt                                                                  |

Scaffold Handoff (MANDATORY — consumed by `$scaffold`)

### Scaffold Handoff — Tool Choices

| Concern              | Chosen Tool                                         | Config File | Rationale                                                    |
| -------------------- | --------------------------------------------------- | ----------- | ------------------------------------------------------------ |
| Linter (FE)          | {tool}                                              | {filename}  | {why}                                                        |
| Linter (BE)          | {tool}                                              | {filename}  | {why}                                                        |
| Formatter            | {tool}                                              | {filename}  | {why}                                                        |
| Pre-commit           | {tool}                                              | {filename}  | {why}                                                        |
| Arch rules / fitness | {tool: ArchUnit / NetArchTest / Dependency-Cruiser} | {filename}  | {layer + dependency rules and Step-2 NFR budgets to enforce} |
| Error handling       | {pattern}                                           | {files}     | {why}                                                        |
| Loading state        | {pattern}                                           | {files}     | {why}                                                        |
| Docker               | {compose pattern}                                   | {files}     | {why}                                                        |

Step 10: Dependency Risk Assessment

Per recommended library/package, evaluate maintenance, obsolescence risk:

Package Health Scorecard

Criteria	Score (1-5)	How to Verify
Last Release Date	...	npm/NuGet page — stale if >12 months
Open Issues Ratio	...	GitHub issues open vs closed
Maintainer Count	...	Bus factor — single maintainer = high risk
Breaking Change Freq.	...	Changelog — frequent major versions = churn cost
Dependency Depth	...	`npm ls --depth` / dependency graph depth
Known Vulnerabilities	...	Snyk/npm audit/GitHub Dependabot
License Compatibility	...	SPDX identifier — check viral licenses (GPL)
Community Activity	...	Monthly commits, PR merge rate, Discord/forums
Migration Path	...	Can swap to alternative if abandoned?
Framework Alignment	...	Official recommendation by framework team?

Risk Categories

Risk Level	Criteria	Action
Low	Active, >3 maintainers, recent release, no CVEs	Use freely
Medium	1-2 maintainers, release <6mo, minor CVEs patched	Use with monitoring plan
High	Single maintainer, >12mo stale, open CVEs	Find alternative or plan exit strategy
Critical	Abandoned, unpatched CVEs, deprecated	DO NOT USE — find replacement

Dependency Maintenance Strategy

### Recommended Practices

1. **Automated scanning:** {tool} (Dependabot/Renovate/Snyk) — weekly PR for updates
2. **Lock file strategy:** Commit lock files, pin major versions, allow patch auto-update
3. **Audit schedule:** Monthly `npm audit` / `dotnet list package --vulnerable`
4. **Vendor policy:** Max {N} dependencies per concern, prefer well-maintained alternatives
5. **Exit strategy:** For each High-risk dependency, document migration path to alternative

Step 11: Generate Report

Write report to {plan-dir}/research/architecture-design.md with sections:

Executive summary (recommended architecture in 8-10 lines)
Architecture requirements table (from Step 2)
Backend architecture — style comparison + recommended patterns (Steps 3)
Frontend architecture — style comparison + recommended patterns (Step 4)
Library ecosystem — per-concern recommendations with alternatives (Step 5)
Testing architecture — pyramid, tools, coverage targets (Step 6)
CI/CD & deployment — pipeline design, deployment strategy (Step 7)
Observability stack — 3 pillars + alerting (Step 8)
Code quality — enforcement gates, tooling (Step 9)
Dependency risk matrix — high-risk packages, mitigation (Step 10)
Architecture diagram (Mermaid — showing all layers and data flow)
Risk assessment for overall architecture
Unresolved questions

Emit ADRs for hard-to-reverse decisions (MANDATORY)

Architecture Diagram Template

```mermaid
graph TB
    subgraph "Frontend"
        UI[SPA / Micro Frontend]
        STORE[State Management]
    end
    subgraph "API Gateway"
        GW[Gateway / BFF]
    end
    subgraph "Backend Services"
        CMD[Commands / Handlers]
        QRY[Queries / Read Models]
        SVC[Domain Services]
        ENT[Entities / Aggregates]
    end
    subgraph "Infrastructure"
        DB[(Database)]
        CACHE[(Cache)]
        MSG[Message Bus]
        SEARCH[(Search Index)]
    end
    subgraph "Observability"
        LOG[Logging]
        METRIC[Metrics]
        TRACE[Tracing]
    end
    subgraph "CI/CD"
        PIPE[Pipeline]
        REG[Container Registry]
        K8S[Orchestration]
    end
    UI --> GW --> CMD & QRY
    CMD --> SVC --> ENT --> DB
    QRY --> CACHE & SEARCH
    ENT -.-> MSG
    CMD & QRY -.-> LOG & METRIC & TRACE
    PIPE --> REG --> K8S
```

Step 12: User Validation Interview

MANDATORY IMPORTANT MUST ATTENTION present findings, ask 8-12 questions via a direct user question:

Required Questions

Backend architecture — "I recommend {style}. Agree?"
Frontend architecture — "I recommend {style} with {state management}. Agree?"
Design patterns — "Recommended backend patterns: {list}. Frontend patterns: {list}. Any to add/remove?"
Key libraries — "For {concern}, I recommend {lib} over {alternatives}. Agree?"
Testing strategy — "Test pyramid: {unit}%/{integration}%/{E2E}% using {frameworks}. Appropriate?"
CI/CD — "Pipeline: {tool} with {deployment strategy}. Fits your infra?"
Observability — "Monitoring stack: {logs}/{metrics}/{traces}. Sufficient?"
Code quality — "Enforcement: {linter + formatter + pre-commit hooks}. Team ready?"
Dependency risk — "Found {N} high-risk dependencies. Accept or find alternatives?"
Complexity check — "This architecture has {N} concerns addressed. Appropriate for team size?"

Optional Deep-Dive Questions (pick 2-3)

"Should we use event sourcing or traditional state-based persistence?"
"Monolith-first or start with service boundaries?"
"Micro frontends or monolith SPA?"
"How important is framework independence for this repository or system?"
"Self-hosted observability or managed SaaS?"
"Strict lint rules from day 1 or gradual adoption?"

After user confirms, update report with final decisions, mark status: confirmed.

Best Practices Audit (applied across all steps)

Validate architecture against these principles — flag violations in report. — why: an unflagged SOLID/DRY violation compounds into rework once code lands on the flaw.

Principle	Check	Status
Single Responsibility (S)	Each class/module has one reason to change	✅/⚠️
Open/Closed (O)	Extensible without modifying existing code	✅/⚠️
Liskov Substitution (L)	Subtypes substitutable for base types	✅/⚠️
Interface Segregation (I)	No forced dependency on unused interfaces	✅/⚠️
Dependency Inversion (D)	High-level modules depend on abstractions, not concretions	✅/⚠️
DRY	No duplicated business logic across layers	✅/⚠️
KISS	Simplest architecture that meets requirements	✅/⚠️
YAGNI	No speculative layers or patterns for future needs	✅/⚠️
Separation of Concerns	Clear boundaries between domain, application, infra	✅/⚠️
IoC / Dependency Injection	All dependencies injected, no `new` in business logic	✅/⚠️
Technical Agnosticism	Domain layer has zero framework/infra dependencies	✅/⚠️
Testability	Architecture supports unit + integration testing	✅/⚠️
12-Factor App	Config in env, stateless processes, port binding	✅/⚠️
Fail-Fast	Validate early, fail with clear errors	✅/⚠️

Output

{plan-dir}/research/architecture-design.md     # Full architecture analysis report
{plan-dir}/phase-02b-architecture.md           # Confirmed architecture decisions
docs/adr/{NNNN}-{slug}.md                       # One ADR per hard-to-reverse decision (see Step 11)

Next Steps

"$plan (Recommended)" — Create implementation plan from architecture design
"$refine" — If need to create PBIs first
"Skip, continue manually" — user decides

Council escalation (always-offer, second prompt)

After the existing ## Next Steps prompt above resolves, present a second, independent a direct user question call (NEVER merge into the first):

"Skip council — proceed (Recommended)" — Continue with the architecture decision as-is. Recommended default.
"Escalate to $llm-council" — Run 11 sub-agent council (5 advisors + 5 reviewers + chairman). Use when this architecture pick is hard to reverse and you need adversarial framing. Cheaper alternatives: $why-review, $plan-validate (run these first if you haven't).

Prompt-Enhance Closing Anchors

IMPORTANT MUST ATTENTION follow declared step order for this skill; NEVER skip, reorder, or merge steps without explicit user approval
IMPORTANT MUST ATTENTION for every step/sub-skill call: set in_progress before execution, set completed after execution
IMPORTANT MUST ATTENTION every skipped step MUST include explicit reason; every completed step MUST include concise evidence
IMPORTANT MUST ATTENTION if Task tools unavailable, maintain an equivalent step-by-step plan tracker with synchronized statuses

Anti-Rationalization (reject these excuses)

Excuse the model tells itself	Reality
"I know this stack — skip the 3-options research"	Familiarity ≠ evidence. Research 3+ options with cited proof per concern, every time.
"The architecture is obvious — skip user validation"	Step 12 is MANDATORY. The user owns hard-to-reverse decisions; never auto-decide.
"No scale numbers given, I'll just pick a style"	Missing target = explicit `Unresolved question`, never a silent guess. Quantify via Step-2 first.
"It's a small feature — skip the ADR"	If a decision is significant AND costly to reverse, it needs an ADR or it cannot be enforced.
"Brownfield, but my preferred style is better"	NEVER re-litigate a settled ADR-recorded decision without a superseding-ADR rationale.
"I'll document the budget, enforcement is optional"	Documented-but-unenforced budgets erode. Encode them as executable fitness checks for CI.

Closing Reminders

IMPORTANT MUST ATTENTION — Protocols in force (concise digest of the SYNC/shared blocks this skill carries):

Critical Thinking: traced file:line proof per claim, confidence >80% to act.
Sequential Thinking: multi-step Thought N/M with REVISION/BRANCH/HYPOTHESIS, confidence closer.
AI Mistake Prevention: verify generated content against evidence, trace downstream references, verify all affected outputs, re-read after context loss, surface ambiguity.

Anti-Rationalization (Closing — reject these excuses):

Excuse the model tells itself	Reality
"I know this stack — skip the 3-options research"	Familiarity ≠ evidence. Research 3+ options with cited proof per concern, every time.
"The architecture is obvious — skip user validation"	Step 12 is MANDATORY. The user owns hard-to-reverse decisions; never auto-decide.
"No scale numbers given, I'll just pick a style"	Missing target = explicit `Unresolved question`, never a silent guess. Quantify via Step-2 first.
"Small feature — skip the ADR / fitness check"	Significant AND costly-to-reverse → needs an ADR + executable fitness rule, or it cannot be enforced.
"Brownfield, but my preferred style is better"	NEVER re-litigate a settled ADR-recorded decision without a superseding-ADR rationale.
"Found a nearby pattern, just copy it"	Evaluate fit first — same scale/constraints/boundaries? Closest ≠ matching. Verify before reusing.

Critical Thinking Mindset — Apply critical thinking, sequential thinking. Every claim needs traced proof, confidence >80% to act. Anti-hallucination: Never present guess as fact — cite sources for every claim, admit uncertainty freely, self-check output for errors, cross-reference independently, stay skeptical of own confidence — certainty without evidence root of all hallucination.

Sequential Thinking Protocol — Structured multi-step reasoning for complex/ambiguous work. Use when planning, reviewing, debugging, or refining ideas where one-shot reasoning is unsafe.

Trigger when: complex problem decomposition · adaptive plans needing revision · analysis with course correction · unclear/emerging scope · multi-step solutions · hypothesis-driven debugging · cross-cutting trade-off evaluation.

Format (explicit mode — visible thought trail):

Thought N/M: [aspect] — one aspect per thought, state assumptions/uncertainty

Thought N/M [REVISION of Thought K]: ... — when prior reasoning invalidated; state Original / Why revised / Impact

Thought N/M [BRANCH A from Thought K]: ... — explore alternative; converge with decision rationale

Thought N/M [HYPOTHESIS]: ... then [VERIFICATION]: ... — test before acting

Thought N/N [FINAL] — only when verified, all critical aspects addressed, confidence >80%

Mandatory closers: Confidence % stated · Assumptions listed · Open questions surfaced · Next action concrete.

Stop conditions: confidence <80% on any critical decision → escalate via ask the user directly · ≥3 revisions on same thought → re-frame the problem · branch count >3 → split into sub-task.

Implicit mode: apply methodology internally without visible markers when adding markers would clutter the response (routine work where reasoning aids accuracy).

Deep-dive: see $sequential-thinking skill (.claude/skills/sequential-thinking/SKILL.md) for worked examples (API design, debugging, architecture), advanced techniques (spiral refinement, hypothesis testing, convergence), and meta-strategies (uncertainty handling, revision cascades).

AI Mistake Prevention — Failure modes to avoid on every task:

Re-read files after context changes. Context compaction, resume, or long-running work can make memory stale; verify current files before acting. Verify generated content against source evidence. AI hallucinates APIs, names, claims, and document facts. Check the relevant source before documenting or referencing. Check downstream references before deleting or renaming. Removing an artifact can stale docs, generated mirrors, configs, and callers; map references first. Trace the full impact chain after edits. Changing a definition can miss derived outputs and consumers. Follow the affected chain before declaring done. Verify ALL affected outputs, not just the first. One green check is not all green checks; validate every output surface the change can affect. Assume existing values are intentional — ask WHY before changing. Before changing a constant, limit, flag, wording, or pattern, read nearby context and history. Surface ambiguity before acting — don't pick silently. Multiple valid interpretations require an explicit question or stated assumption with risk. Keep shared guidance role-relevant. Universal guidance must help every receiving skill or agent; code-specific obligations belong only in code-specific protocols.

External Memory: For complex or lengthy work (research, analysis, scan, review), write intermediate findings and final results to a report file in plans/reports/ — prevents context loss and serves as deliverable.

Evidence Gate: MANDATORY IMPORTANT MUST ATTENTION — every claim, finding, and recommendation requires file:line proof or traced evidence with confidence percentage (>80% to act, <80% must verify first).

MUST ATTENTION apply sequential-thinking — multi-step Thought N/M, REVISION/BRANCH/HYPOTHESIS markers, confidence % closer; see $sequential-thinking skill.

[TASK-PLANNING] Before acting, analyze task scope and systematically break it into small todo tasks and sub-tasks using task tracking.

[IMPORTANT] Analyze how big the task is and break it into many small todo tasks systematically before starting — this is very important.

Hookless Prompt Protocol Mirror (Auto-Synced)

Source: .claude/.ck.json + .claude/skills/shared/sync-inline-versions.md (:full blocks) + .claude/scripts/lib/hookless-prompt-protocol.cjs

[WORKFLOW-EXECUTION-PROTOCOL] [BLOCKING] Workflow Execution Protocol — MANDATORY IMPORTANT MUST CRITICAL. Do not skip for any reason.

DETECT: If the prompt starts with an explicit slash skill/workflow command, execute it directly. Otherwise match the prompt against the workflow catalog and skill list.
ANALYZE: Choose the best option: execute directly, invoke a skill, activate a standard workflow, or compose a custom step combination.
AUTO-SELECT: Pick the best option yourself. Do not ask the user to choose between direct execution, skill, standard workflow, or custom workflow.
ACTIVATE: For a selected workflow, call $start-workflow <workflowId>; for a selected skill, invoke that skill; for a custom workflow, sequence custom steps directly; for direct execution, proceed with the task.
CREATE TASKS: task tracking for ALL workflow/skill/custom steps before execution when the selected path has multiple steps.
EXECUTE: Advance per the Workflow Step Advancement & Parallel Phases rule in your context instructions — model-driven; a sub-agent completion advances a step identically to an inline call; a parallel-phase group is an all-return barrier (advance only after ALL members return, never serialize it)

Shared AI-SDD Protocol Markers

Source: .claude/skills/shared/sync-inline-versions.md

SYNC:ai-sdd-artifact-contract

AI-SDD Artifact Contract — Shared spec-driven development rules stay portable and source-owned.

Keep reusable AI-SDD principles in .claude; put repository-specific paths, commands, owners, products, and formats in project config/reference docs.

Preserve cycle: spec -> plan -> tasks -> implement -> verify -> update spec/docs.

Trace every requirement or invariant through decision, task, TC/test, source evidence, and docs/spec update.

Treat code-to-spec extraction as reference-only until accepted by the canonical spec owner.

Any supported AI tool may plan, implement, review, or verify with synced context; using multiple tools is optional.

Update .claude source first, then sync generated mirrors; do not manually edit .agents, .codex, or AGENTS.md. — why: mirrors are generated artifacts; hand-edits are overwritten on the next sync

If docs/project-config.json, root instruction files, or a required project-reference doc is missing or stale, auto-run $project-init or the narrow lower-level route before ordinary project-specific work.

Active reference: shared/sdd-artifact-contract.md in the active skills root.

SYNC:ai-sdd-artifact-contract:reminder

MANDATORY Apply shared/sdd-artifact-contract.md; keep reusable AI-SDD in .claude and local rules in project docs.
MANDATORY Code-to-spec extraction is reference-only until canonical acceptance; any supported AI tool may execute with synced context.
MANDATORY Update .claude source before syncing generated mirrors; do not manually edit .agents, .codex, or AGENTS.md.
MANDATORY Missing or stale project config, root instruction files, or required reference docs route project-specific work through $project-init or the narrow setup route automatically. [TASK-PLANNING] [MANDATORY] BEFORE executing any workflow or skill step, create/update task tracking for all planned steps, then keep it synchronized as each step starts/completes.

[LESSON-LEARNED-REMINDER] [BLOCKING] Task Planning & Continuous Improvement — MANDATORY. Do not skip.

Break work into small tasks (task tracking) before starting. Add final task: "Analyze AI mistakes & lessons learned".

Extract lessons — ROOT CAUSE ONLY, not symptom fixes:

Name the FAILURE MODE (reasoning/assumption failure), not symptom — "assumed API existed without reading source" not "used wrong enum value".
Generality test: does this failure mode apply to ≥3 contexts/codebases? If not, abstract one level up.
Write as a universal rule — strip project-specific names/paths/classes. Useful on any codebase.
Consolidate: multiple mistakes sharing one failure mode → ONE lesson.
Recurrence gate: "Would this recur in future session WITHOUT this reminder?" — No → skip $learn.
Auto-fix gate: "Could $code-review/$code-simplifier/$security-review/$lint catch this?" — Yes → improve review skill instead.
BOTH gates pass → ask user to run $learn. [CRITICAL-THINKING-MINDSET] Apply critical thinking, sequential thinking. Every claim needs traced proof, confidence >80% to act. Anti-hallucination principle: Never present guess as fact — cite sources for every claim, admit uncertainty freely, self-check output for errors, cross-reference independently, stay skeptical of own confidence — certainty without evidence root of all hallucination. AI Attention principle (Primacy-Recency): Put the 3 most critical rules at both top and bottom of long prompts/protocols so instruction adherence survives long context windows. Goal-driven execution: Define success criteria first, loop until verified, and stop only when observable checks pass. Tests verify intent: Tests must protect business rules/invariants and fail when the protected intent breaks, not only mirror current behavior.

Common AI Mistake Prevention (System Lessons)

Re-read files after context compaction. Edit requires prior Read in same context; compaction wipes read state. Re-read before editing.
Grep for old terms after bulk replacements. AI over-trusts find/replace completeness. Grep full repo after bulk edits for missed refs in docs/configs/catalogs.
Check downstream references before deleting. Deletions cascade doc/code staleness. Map referencing files before removal.
After memory loss, check existing state before creating new. Compaction wipes prior-work memory. Query current state to resume — never blindly duplicate.
Verify AI-generated content against actual code. AI hallucinates APIs, class names, method signatures. Grep to confirm existence before documenting/referencing.
Trace full dependency chain after edits. Changing a definition misses downstream consumers. Trace the full chain.
When renaming, grep ALL consumer file types. Some file types silently ignore missing refs (no compile error). Search code, templates, configs, generated files.
Trace ALL code paths when verifying correctness. Code existing ≠ code executing. Trace early exits, error branches, conditional skips — not just happy path.
Update docs that embed canonical data when source changes. Docs inlining derived data (workflows, schemas, configs) go stale silently. Update all embedding docs alongside source.
Verify sub-agent results after context recovery. Background agents may finish while parent compacted — grep-verify output, don't trust assumed completion.
Cross-check full target list against sub-agent assignments. Parallel sub-agents by category miss boundary items. Reconcile union of assignments against target list before proceeding.
Sub-agents inherit knowledge only from their agent .md definition — use custom agent types, not built-in Explore. Tool adoption = permission + knowledge + enforcement (numbered workflow step).
Persist sub-agent findings incrementally, not as a final batch. Long sub-agents hit cutoffs before final write — findings lost. Instruct append-per-section to report file.
When debugging, ask "whose responsibility?" before fixing. Trace caller (wrong data) vs callee (wrong handling). Fix at responsible layer — never patch symptom site.
Grep ALL removed names after extraction/refactoring. Primary file "done" ≠ secondary files clean. Grep entire scope for every removed symbol before declaring complete.
Assume existing values are intentional — ask WHY before changing. Pattern-matching as "wrong" skips context. Before changing any constant/limit/flag: read comments, git blame, surrounding code.
Verify ALL affected outputs, not just the first. One build green ≠ all green. Multi-stack changes (backend/frontend/tests/docs) require verifying EVERY output.
Evaluate fit before copying a nearby pattern. Closest example ≠ matching preconditions — verify the new context shares the same constraints, base classes, scope, lifetime.
Holistic-first debugging — resist nearest-attention trap. Don't dive into first plausible cause. List EVERY precondition (config, env vars, paths, DB, endpoints, creds, versions, DI, data). Verify each against evidence (grep/query — not reasoning). Ask "what would falsify this?" — if nothing, it's not a hypothesis. Most expensive failure: going deeper in "obvious" layer while bug sits in layer never questioned.
Surgical changes — apply the diff test (context-aware). Two modes: (1) Bug fix → every line traces to the bug; no restyling; orphan cleanup only for imports YOUR changes made unused. (2) Review/enhancement → implement improvements AND announce as "Enhancement beyond main request: [what]". Never silently scope-creep. Diff test: "Would this line exist if I wasn't asked to do X?" — if no, delete or announce.
Surface ambiguity before coding — don't pick silently. Multiple valid interpretations → present each with effort: "[Request] could mean (1) [N h], (2) [N h]. Which matters?" List scope/format/volume/constraints assumptions first. If simpler path exists, say so. Never silently pick.
[MANDATORY FIRST ACTION] ALWAYS activate a suitable skill or workflow BEFORE responding. Match task against workflow catalog + skill list; invoke via skill invocation or $start-workflow <workflowId>. NEVER answer or write code before checking. Skip = protocol violation.
Why-Review adversarial mindset — apply when reviewing any plan, decision, or design. Default SKEPTIC not VALIDATOR: steel-man a rejected alternative, invert each stated reason ("what does it sacrifice?"), stress-test top 2-3 assumptions, run pre-mortem ("ships, fails in 3 months — what breaks?"), surface 1-2 alternatives author missed. Section presence ≠ quality; quality = causal reasoning + concrete mitigations + evidence, not "it's better" or "monitor closely".
Front-load report-write in sub-agent prompts for large reviews. Many-file sub-agents hit budget before final write — findings lost. Design prompts so: (1) report-write is first explicit deliverable, (2) append per-file/section (not batched), (3) scope bounded so reads don't exhaust budget. Truncated mid-sentence with no report file → spawn narrower scope, don't retry same prompt.
After context compaction, re-verify all prior phase outcomes before continuing. Summaries describe intent, not environment state (git index, filesystem, processes). On resume, FIRST audit: git status, re-read modified files, verify filesystem. Every "completed" claim is an untested hypothesis until evidence confirms.
OOM/memory: check row count before row size. Triage: (1) Unbounded query — no DB filter for trigger? Push filter to DB; eliminates OOM. (2) Large rows? Projection reduces proportionally. Row reduction > projection in ROI.
Keep domain concepts out of generic/shared/infrastructure layers. Reusable layer (shared library, framework, infra module) must reference NO consumer-specific domain concept — tenant/customer/product IDs, business entities, feature rules. Leak compiles + runs → passes review silently while coupling the "reusable" layer to one consumer. Keep shared type domain-free; push domain fields/logic down into the consumer via subclass/composition. — why: a layer coupled to one consumer's domain is no longer reusable.

architecture-design

同仓库更多 Skills

同仓库更多 Skills

Codex Project-Reference Loading (No Hooks)

Quick Summary

Inputs & Handoffs (consume vs produce)

Step 1: Load Context

Step 2: Derive Architecture Requirements

Quality-Attribute Scenarios (quantify — these drive the style choice)

Step 3: Backend Architecture

3A: Architecture Styles

3B: Backend Design Patterns

Step 4: Frontend Architecture

4A: Architecture Styles

4B: Frontend Design Patterns

Step 4B: UI System Architecture

4B-1: Styling Approach

4B-2: Design Token Strategy

4B-3: Component Library Strategy

4B-4: Responsive Strategy

Step 5: Library Ecosystem Research

Library Concerns Checklist

Per-Library Evaluation Template

Step 6: Testing Architecture

Test Strategy Template

Step 7: CI/CD & Deployment

Deployment Strategy Comparison

Step 8: Observability & Monitoring

Observability Decision: 3 Pillars

Step 9: Code Quality & Clean Code Enforcement

Enforcement Strategy

Scaffold Handoff (MANDATORY — consumed by $scaffold)

Step 10: Dependency Risk Assessment

Package Health Scorecard

Risk Categories

Dependency Maintenance Strategy

Step 11: Generate Report

Emit ADRs for hard-to-reverse decisions (MANDATORY)

Architecture Diagram Template

Step 12: User Validation Interview

Required Questions

Optional Deep-Dive Questions (pick 2-3)

Best Practices Audit (applied across all steps)

Output

Next Steps

Council escalation (always-offer, second prompt)

Prompt-Enhance Closing Anchors

Anti-Rationalization (reject these excuses)

Closing Reminders

Hookless Prompt Protocol Mirror (Auto-Synced)

[WORKFLOW-EXECUTION-PROTOCOL] [BLOCKING] Workflow Execution Protocol — MANDATORY IMPORTANT MUST CRITICAL. Do not skip for any reason.

Shared AI-SDD Protocol Markers

SYNC:ai-sdd-artifact-contract

SYNC:ai-sdd-artifact-contract:reminder

[LESSON-LEARNED-REMINDER] [BLOCKING] Task Planning & Continuous Improvement — MANDATORY. Do not skip.

Common AI Mistake Prevention (System Lessons)

Codex Project-Reference Loading (No Hooks)

Quick Summary

Inputs & Handoffs (consume vs produce)

Step 1: Load Context

Step 2: Derive Architecture Requirements

Quality-Attribute Scenarios (quantify — these drive the style choice)

Step 3: Backend Architecture

3A: Architecture Styles

3B: Backend Design Patterns

Step 4: Frontend Architecture

4A: Architecture Styles

4B: Frontend Design Patterns

Step 4B: UI System Architecture

4B-1: Styling Approach

4B-2: Design Token Strategy

4B-3: Component Library Strategy

4B-4: Responsive Strategy

Step 5: Library Ecosystem Research

Library Concerns Checklist

Per-Library Evaluation Template

Step 6: Testing Architecture

Test Strategy Template

Step 7: CI/CD & Deployment

Deployment Strategy Comparison

Scaffold Handoff (MANDATORY — consumed by `$scaffold`)

Scaffold Handoff (MANDATORY — consumed by `$scaffold`)