@agile-vibe-coding/avc 0.1.1 → 0.3.1

package/cli/checks/story/devops.json

@@ -0,0 +1,102 @@
+{
+  "perspective": "devops",
+  "scope": "story",
+  "checks": [
+    {
+      "id": "devops-story-01",
+      "tier": 1,
+      "perspective": "devops",
+      "severity": "critical",
+      "category": "acceptance-criteria",
+      "universal": false,
+      "applicabilityQuestion": "Does this story involve deployment, CI/CD, infrastructure, or operational concerns?",
+      "question": "Is each acceptance criterion testable and measurable?",
+      "failDescription": "One or more acceptance criteria are not testable or measurable",
+      "failSuggestion": "Make each AC testable: specify exact expected outcome, metric, or verifiable condition"
+    },
+    {
+      "id": "devops-story-02",
+      "tier": 1,
+      "perspective": "devops",
+      "severity": "major",
+      "category": "acceptance-criteria",
+      "universal": false,
+      "applicabilityQuestion": "Does this story involve deployment, CI/CD, infrastructure, or operational concerns?",
+      "question": "Do criteria cover happy path, edge cases, and error scenarios?",
+      "failDescription": "Criteria do not cover edge cases or error scenarios",
+      "failSuggestion": "Add edge case and error scenario ACs: failed deployment rollback, resource limits exceeded, network failures"
+    },
+    {
+      "id": "devops-story-03",
+      "tier": 1,
+      "perspective": "devops",
+      "severity": "major",
+      "category": "acceptance-criteria",
+      "universal": false,
+      "applicabilityQuestion": "Does this story involve deployment, CI/CD, infrastructure, or operational concerns?",
+      "question": "Are DevOps requirements explicitly stated?",
+      "failDescription": "DevOps requirements are not explicitly stated in acceptance criteria",
+      "failSuggestion": "State DevOps requirements explicitly: deployment target, environment, monitoring hooks, rollback criteria"
+    },
+    {
+      "id": "devops-story-04",
+      "tier": 1,
+      "perspective": "devops",
+      "severity": "major",
+      "category": "implementation-clarity",
+      "universal": false,
+      "applicabilityQuestion": "Does this story involve deployment, CI/CD, infrastructure, or operational concerns?",
+      "question": "Does the story provide enough DevOps detail for implementation?",
+      "failDescription": "Insufficient DevOps detail for implementation",
+      "failSuggestion": "Add DevOps implementation details: specific tools, configuration values, environment variables, pipeline steps"
+    },
+    {
+      "id": "devops-story-05",
+      "tier": 1,
+      "perspective": "devops",
+      "severity": "minor",
+      "category": "implementation-clarity",
+      "universal": false,
+      "applicabilityQuestion": "Does this story involve deployment, CI/CD, infrastructure, or operational concerns?",
+      "question": "Are DevOps patterns and approaches specified?",
+      "failDescription": "DevOps patterns and approaches are not specified",
+      "failSuggestion": "Specify DevOps patterns: deployment strategy, IaC approach, monitoring integration, log aggregation"
+    },
+    {
+      "id": "devops-story-06",
+      "tier": 1,
+      "perspective": "devops",
+      "severity": "major",
+      "category": "testability",
+      "universal": false,
+      "applicabilityQuestion": "Does this story involve deployment, CI/CD, infrastructure, or operational concerns?",
+      "question": "Does the story have a test-boundary AC naming specific scenarios a developer must test?",
+      "failDescription": "Story lacks a test-boundary AC — no specific test scenarios named",
+      "failSuggestion": "Add test-boundary AC: 'Tests must cover: (1) successful deployment, (2) rollback on failure, (3) health check pass, (4) resource limit behavior'"
+    },
+    {
+      "id": "devops-story-07",
+      "tier": 1,
+      "perspective": "devops",
+      "severity": "minor",
+      "category": "scope-dependencies",
+      "universal": false,
+      "applicabilityQuestion": "Does this story involve deployment, CI/CD, infrastructure, or operational concerns?",
+      "question": "Are dependencies on other stories explicit?",
+      "failDescription": "Dependencies on other stories are not explicit",
+      "failSuggestion": "Make dependencies explicit: reference specific story IDs and what they provide"
+    },
+    {
+      "id": "devops-story-08",
+      "tier": 1,
+      "perspective": "devops",
+      "severity": "minor",
+      "category": "best-practices",
+      "universal": false,
+      "applicabilityQuestion": "Does this story involve deployment, CI/CD, infrastructure, or operational concerns?",
+      "question": "Does the story follow DevOps best practices?",
+      "failDescription": "DevOps best practices are not followed",
+      "failSuggestion": "Follow DevOps best practices: infrastructure as code, automated testing, immutable deployments"
+    }
+  ]
+}

package/cli/checks/story/frontend.json

@@ -0,0 +1,174 @@
+{
+  "perspective": "frontend",
+  "scope": "story",
+  "checks": [
+    {
+      "id": "fe-story-01",
+      "tier": 1,
+      "perspective": "frontend",
+      "severity": "major",
+      "category": "async-state-coverage",
+      "universal": false,
+      "applicabilityQuestion": "Does this story involve asynchronous operations in the UI? (Does it fetch data, submit forms, or call APIs from the frontend?)",
+      "question": "Does every async operation have a described loading indicator (skeleton, spinner, disabled button)?",
+      "failDescription": "Async operations lack loading state descriptions",
+      "failSuggestion": "Describe loading state for each async operation: 'While request is in flight, show spinner on button / skeleton rows / disable form'"
+    },
+    {
+      "id": "fe-story-02",
+      "tier": 1,
+      "perspective": "frontend",
+      "severity": "major",
+      "category": "async-state-coverage",
+      "universal": false,
+      "applicabilityQuestion": "Does this story involve asynchronous operations in the UI?",
+      "question": "Are error states described by HTTP code (401 -> redirect, 403 -> forbidden, 422 -> inline errors, 500 -> toast)?",
+      "failDescription": "Error states are not described per HTTP status code",
+      "failSuggestion": "Describe error states by code: 401 -> redirect to login, 403 -> forbidden message, 422 -> inline field errors, 500 -> toast"
+    },
+    {
+      "id": "fe-story-03",
+      "tier": 1,
+      "perspective": "frontend",
+      "severity": "major",
+      "category": "async-state-coverage",
+      "universal": false,
+      "applicabilityQuestion": "Does this story display lists or search results?",
+      "question": "Do lists and search results define what renders when data is empty (data: [])?",
+      "failDescription": "Empty state is not defined for list/search views",
+      "failSuggestion": "Define empty state: what renders when data is empty — illustration, message, call-to-action"
+    },
+    {
+      "id": "fe-story-04",
+      "tier": 1,
+      "perspective": "frontend",
+      "severity": "minor",
+      "category": "async-state-coverage",
+      "universal": false,
+      "applicabilityQuestion": "Does this story involve data mutations from the UI?",
+      "question": "Do mutation stories state whether UI updates before or after server confirmation (optimistic updates)?",
+      "failDescription": "Optimistic update strategy is not stated for mutations",
+      "failSuggestion": "State optimistic update strategy: 'UI updates immediately and rolls back on failure' or 'UI waits for server confirmation'"
+    },
+    {
+      "id": "fe-story-05",
+      "tier": 1,
+      "perspective": "frontend",
+      "severity": "major",
+      "category": "form-input-ux",
+      "universal": false,
+      "applicabilityQuestion": "Does this story include a form with user input fields?",
+      "question": "Does the story specify inline field validation timing (on blur, on submit, or real-time)?",
+      "failDescription": "Form validation timing is not specified",
+      "failSuggestion": "Specify validation timing: 'Field validation runs on blur / on submit / after 500ms debounce'"
+    },
+    {
+      "id": "fe-story-06",
+      "tier": 1,
+      "perspective": "frontend",
+      "severity": "major",
+      "category": "form-input-ux",
+      "universal": false,
+      "applicabilityQuestion": "Does this story include a form with a submit action?",
+      "question": "Is the submit button state defined during inflight requests (disabled during request, re-enabled on completion)?",
+      "failDescription": "Submit button state during inflight requests is not defined",
+      "failSuggestion": "Define submit button state: 'disabled with spinner during request, re-enabled on success or failure'"
+    },
+    {
+      "id": "fe-story-07",
+      "tier": 1,
+      "perspective": "frontend",
+      "severity": "major",
+      "category": "form-input-ux",
+      "universal": false,
+      "applicabilityQuestion": "Does this story submit data that could result in server-side validation errors?",
+      "question": "Are server-side 422 errors mapped to field-level messages (not just a generic toast)?",
+      "failDescription": "Server-side validation errors are not mapped to individual form fields",
+      "failSuggestion": "Map server-side 422 errors to field-level messages: display error next to the specific field that failed validation"
+    },
+    {
+      "id": "fe-story-08",
+      "tier": 1,
+      "perspective": "frontend",
+      "severity": "major",
+      "category": "form-input-ux",
+      "universal": false,
+      "applicabilityQuestion": "Does this story involve a successful mutation (create, update, or delete)?",
+      "question": "Is success feedback defined — what changes in the UI on successful mutation (navigate, toast, refresh)?",
+      "failDescription": "Post-mutation success feedback is not defined",
+      "failSuggestion": "Define success feedback: 'On success, navigate to [route]' or 'show toast and refresh list' or 'close modal and update row'"
+    },
+    {
+      "id": "fe-story-09",
+      "tier": 1,
+      "perspective": "frontend",
+      "severity": "minor",
+      "category": "component-navigation",
+      "universal": false,
+      "applicabilityQuestion": "Does this story involve protected routes? (Does it have pages that require authentication?)",
+      "question": "Is route protection behavior stated (what happens when unauthenticated user hits a protected route)?",
+      "failDescription": "Route protection behavior is not stated",
+      "failSuggestion": "State route protection: 'Unauthenticated user is redirected to /login with return URL preserved'"
+    },
+    {
+      "id": "fe-story-10",
+      "tier": 1,
+      "perspective": "frontend",
+      "severity": "major",
+      "category": "component-navigation",
+      "universal": false,
+      "applicabilityQuestion": "Does this story involve create, delete, or update actions?",
+      "question": "Are navigation flows after actions defined (where does user land after create/delete/update)?",
+      "failDescription": "Post-action navigation flows are not defined",
+      "failSuggestion": "Define navigation after actions: 'After create, navigate to detail page' or 'After delete, return to list'"
+    },
+    {
+      "id": "fe-story-11",
+      "tier": 1,
+      "perspective": "frontend",
+      "severity": "minor",
+      "category": "component-navigation",
+      "universal": false,
+      "applicabilityQuestion": "Does this story involve state that should persist across navigation?",
+      "question": "Is state persistence described (does component state survive tab switch or navigation)?",
+      "failDescription": "State persistence behavior across navigation is not described",
+      "failSuggestion": "Describe state persistence: server-state cache survives navigation (React Query), form drafts are preserved or discarded"
+    },
+    {
+      "id": "fe-story-12",
+      "tier": 1,
+      "perspective": "frontend",
+      "severity": "minor",
+      "category": "accessibility-quality",
+      "universal": false,
+      "applicabilityQuestion": "Does this story include interactive elements? (Does it have forms, modals, or dropdowns?)",
+      "question": "Are interactive elements keyboard-navigable (forms, modals, dropdowns)?",
+      "failDescription": "Keyboard navigation is not specified for interactive elements",
+      "failSuggestion": "Require keyboard navigation: Tab through fields, Enter to submit, Escape to close modals"
+    },
+    {
+      "id": "fe-story-13",
+      "tier": 1,
+      "perspective": "frontend",
+      "severity": "minor",
+      "category": "accessibility-quality",
+      "universal": false,
+      "applicabilityQuestion": "Does this story display error messages for form inputs?",
+      "question": "Are error messages programmatically associated with inputs (aria-describedby or equivalent)?",
+      "failDescription": "Error messages are not programmatically associated with form inputs",
+      "failSuggestion": "Associate errors with inputs: use aria-describedby to link error message to input field"
+    },
+    {
+      "id": "fe-story-14",
+      "tier": 1,
+      "perspective": "frontend",
+      "severity": "minor",
+      "category": "accessibility-quality",
+      "universal": false,
+      "applicabilityQuestion": "Does this story involve dynamic content updates? (Does it have live data, notifications, or async-loaded content?)",
+      "question": "Are screen reader announcements specified for async state changes (aria-live regions)?",
+      "failDescription": "Screen reader announcements are not specified for dynamic content",
+      "failSuggestion": "Add aria-live regions for async updates: loading announcements, error announcements, success confirmations"
+    }
+  ]
+}

package/cli/checks/story/mobile.json

@@ -0,0 +1,102 @@
+{
+  "perspective": "mobile",
+  "scope": "story",
+  "checks": [
+    {
+      "id": "mob-story-01",
+      "tier": 1,
+      "perspective": "mobile",
+      "severity": "critical",
+      "category": "acceptance-criteria",
+      "universal": false,
+      "applicabilityQuestion": "Does this story involve mobile application features? (Does it target iOS, Android, or cross-platform mobile?)",
+      "question": "Is each acceptance criterion testable and measurable?",
+      "failDescription": "One or more acceptance criteria are not testable or measurable",
+      "failSuggestion": "Make each AC testable: specify exact mobile behavior, platform-specific outcomes, or measurable criteria"
+    },
+    {
+      "id": "mob-story-02",
+      "tier": 1,
+      "perspective": "mobile",
+      "severity": "major",
+      "category": "acceptance-criteria",
+      "universal": false,
+      "applicabilityQuestion": "Does this story involve mobile application features?",
+      "question": "Do criteria cover happy path, edge cases, and error scenarios?",
+      "failDescription": "Criteria do not cover mobile edge cases or error scenarios",
+      "failSuggestion": "Add mobile edge cases: offline behavior, poor connectivity, background/foreground transitions, orientation changes"
+    },
+    {
+      "id": "mob-story-03",
+      "tier": 1,
+      "perspective": "mobile",
+      "severity": "major",
+      "category": "acceptance-criteria",
+      "universal": false,
+      "applicabilityQuestion": "Does this story involve mobile application features?",
+      "question": "Are mobile requirements explicitly stated?",
+      "failDescription": "Mobile requirements are not explicitly stated",
+      "failSuggestion": "State mobile requirements: target platforms, minimum OS versions, device capabilities, offline support"
+    },
+    {
+      "id": "mob-story-04",
+      "tier": 1,
+      "perspective": "mobile",
+      "severity": "major",
+      "category": "implementation-clarity",
+      "universal": false,
+      "applicabilityQuestion": "Does this story involve mobile application features?",
+      "question": "Does the story provide enough mobile detail for implementation?",
+      "failDescription": "Insufficient mobile detail for implementation",
+      "failSuggestion": "Add mobile details: navigation pattern, gesture handling, local storage strategy, native API usage"
+    },
+    {
+      "id": "mob-story-05",
+      "tier": 1,
+      "perspective": "mobile",
+      "severity": "minor",
+      "category": "implementation-clarity",
+      "universal": false,
+      "applicabilityQuestion": "Does this story involve mobile application features?",
+      "question": "Are mobile patterns and approaches specified?",
+      "failDescription": "Mobile patterns and approaches are not specified",
+      "failSuggestion": "Specify mobile patterns: offline-first, data sync strategy, platform-specific UX, push notification handling"
+    },
+    {
+      "id": "mob-story-06",
+      "tier": 1,
+      "perspective": "mobile",
+      "severity": "major",
+      "category": "testability",
+      "universal": false,
+      "applicabilityQuestion": "Does this story involve mobile application features?",
+      "question": "Does the story have a test-boundary AC naming specific scenarios a developer must test?",
+      "failDescription": "Story lacks a test-boundary AC",
+      "failSuggestion": "Add test-boundary AC: 'Tests must cover: (1) happy path, (2) offline mode, (3) slow network, (4) platform-specific behavior'"
+    },
+    {
+      "id": "mob-story-07",
+      "tier": 1,
+      "perspective": "mobile",
+      "severity": "minor",
+      "category": "scope-dependencies",
+      "universal": false,
+      "applicabilityQuestion": "Does this story involve mobile application features?",
+      "question": "Are dependencies on other stories explicit?",
+      "failDescription": "Dependencies on other stories are not explicit",
+      "failSuggestion": "Make dependencies explicit: reference API stories, shared component stories, native module dependencies"
+    },
+    {
+      "id": "mob-story-08",
+      "tier": 1,
+      "perspective": "mobile",
+      "severity": "minor",
+      "category": "best-practices",
+      "universal": false,
+      "applicabilityQuestion": "Does this story involve mobile application features?",
+      "question": "Does the story follow mobile best practices?",
+      "failDescription": "Mobile best practices are not followed",
+      "failSuggestion": "Follow mobile best practices: platform-native patterns, battery efficiency, responsive layouts, accessibility"
+    }
+  ]
+}

package/cli/checks/story/qa.json

@@ -0,0 +1,210 @@
+{
+  "perspective": "qa",
+  "scope": "story",
+  "checks": [
+    {
+      "id": "qa-story-01",
+      "tier": 1,
+      "perspective": "qa",
+      "severity": "critical",
+      "category": "acceptance-criteria-quality",
+      "universal": false,
+      "applicabilityQuestion": "Does this story define acceptance criteria that need QA validation?",
+      "question": "Is each acceptance criterion testable and measurable with clear pass/fail conditions?",
+      "failDescription": "Acceptance criteria lack clear pass/fail conditions — QA cannot determine if the story passes",
+      "failSuggestion": "Rewrite each AC with explicit pass/fail conditions: given X input, when Y action, then Z observable result"
+    },
+    {
+      "id": "qa-story-02",
+      "tier": 1,
+      "perspective": "qa",
+      "severity": "critical",
+      "category": "acceptance-criteria-quality",
+      "universal": false,
+      "applicabilityQuestion": "Does this story involve user-facing functionality?",
+      "question": "Do criteria cover happy path, edge cases, and error scenarios comprehensively?",
+      "failDescription": "Criteria do not cover edge cases and error scenarios — QA will find gaps during testing",
+      "failSuggestion": "Add ACs for: happy path (normal flow), edge cases (boundary values, empty inputs), and error scenarios (invalid data, timeout, permission denied)"
+    },
+    {
+      "id": "qa-story-03",
+      "tier": 1,
+      "perspective": "qa",
+      "severity": "critical",
+      "category": "acceptance-criteria-quality",
+      "universal": false,
+      "applicabilityQuestion": "Does this story have multiple acceptance criteria?",
+      "question": "Are acceptance criteria independent and non-overlapping — can each be tested in isolation?",
+      "failDescription": "Acceptance criteria overlap or depend on each other — cannot be tested in isolation",
+      "failSuggestion": "Ensure each AC is independently testable: remove dependencies between ACs, eliminate overlapping conditions"
+    },
+    {
+      "id": "qa-story-04",
+      "tier": 1,
+      "perspective": "qa",
+      "severity": "critical",
+      "category": "acceptance-criteria-quality",
+      "universal": false,
+      "applicabilityQuestion": "Does this story involve QA-specific requirements (test environments, test data, regression)?",
+      "question": "Are QA requirements explicitly stated — test environment needs, regression scope, and acceptance test criteria?",
+      "failDescription": "QA requirements are not explicitly stated — unclear what environment, data, or regression scope is needed",
+      "failSuggestion": "State QA requirements: test environment setup, required test data, regression test scope, and acceptance test entry/exit criteria"
+    },
+    {
+      "id": "qa-story-05",
+      "tier": 1,
+      "perspective": "qa",
+      "severity": "major",
+      "category": "implementation-clarity",
+      "universal": false,
+      "applicabilityQuestion": "Does this story require QA to understand implementation details for effective testing?",
+      "question": "Does the story provide enough detail for QA to design test cases — expected behaviors, boundary conditions, and data constraints?",
+      "failDescription": "Insufficient detail for QA test case design — expected behaviors or boundary conditions are missing",
+      "failSuggestion": "Add details for test design: expected behavior per scenario, boundary values (min/max/empty), data type constraints, and state preconditions"
+    },
+    {
+      "id": "qa-story-06",
+      "tier": 1,
+      "perspective": "qa",
+      "severity": "major",
+      "category": "implementation-clarity",
+      "universal": false,
+      "applicabilityQuestion": "Does this story have technical constraints that affect QA testing?",
+      "question": "Are technical constraints and assumptions explicit — performance thresholds, browser/device support, API contract versions?",
+      "failDescription": "Technical constraints are not explicit — QA cannot validate non-functional requirements",
+      "failSuggestion": "State technical constraints: response time thresholds, supported browsers/devices, API version compatibility, concurrency limits"
+    },
+    {
+      "id": "qa-story-07",
+      "tier": 1,
+      "perspective": "qa",
+      "severity": "major",
+      "category": "implementation-clarity",
+      "universal": false,
+      "applicabilityQuestion": "Does this story involve QA patterns such as test automation, regression testing, or test data management?",
+      "question": "Are QA patterns and approaches specified — manual vs automated testing, regression strategy, and test data management?",
+      "failDescription": "QA patterns are not specified — unclear whether tests are manual or automated, and what regression approach to use",
+      "failSuggestion": "Specify QA approach: manual/automated split, regression test suite to update, test data setup/teardown strategy"
+    },
+    {
+      "id": "qa-story-08",
+      "tier": 1,
+      "perspective": "qa",
+      "severity": "major",
+      "category": "testability",
+      "universal": false,
+      "applicabilityQuestion": "Does this story have functionality that needs testing at multiple levels?",
+      "question": "Can the story be tested at multiple levels — unit, integration, and end-to-end — with clear boundaries between each?",
+      "failDescription": "Testing levels are unclear — no distinction between unit, integration, and e2e test scope",
+      "failSuggestion": "Define testing levels: unit tests for business logic, integration tests for API/DB interactions, e2e tests for user workflows"
+    },
+    {
+      "id": "qa-story-09",
+      "tier": 1,
+      "perspective": "qa",
+      "severity": "major",
+      "category": "testability",
+      "universal": false,
+      "applicabilityQuestion": "Does this story require specific test data for QA validation?",
+      "question": "Are test data requirements clear — specific datasets, user roles, precondition states, and cleanup procedures?",
+      "failDescription": "Test data requirements are unclear — QA cannot prepare the test environment",
+      "failSuggestion": "Define test data: required user roles and permissions, precondition database states, test datasets, and post-test cleanup procedures"
+    },
+    {
+      "id": "qa-story-10",
+      "tier": 1,
+      "perspective": "qa",
+      "severity": "major",
+      "category": "testability",
+      "universal": false,
+      "applicabilityQuestion": "Does this story produce outcomes that QA needs to verify?",
+      "question": "Are expected outcomes precisely defined — exact response bodies, UI states, database changes, or event emissions?",
+      "failDescription": "Expected outcomes are not precisely defined — QA cannot write deterministic test assertions",
+      "failSuggestion": "Define precise outcomes: exact HTTP response codes and bodies, specific UI states, database record changes, or event payloads"
+    },
+    {
+      "id": "qa-story-11",
+      "tier": 1,
+      "perspective": "qa",
+      "severity": "minor",
+      "category": "scope-dependencies",
+      "universal": false,
+      "applicabilityQuestion": "Does this story involve QA effort that could span multiple days?",
+      "question": "Is the story appropriately scoped — QA effort focused on a single cohesive capability including test design, execution, and regression?",
+      "failDescription": "Story may be too broad for QA — testing effort spans too many concerns",
+      "failSuggestion": "Split large stories: separate core functionality from edge cases, or split by test type (functional, integration, performance)"
+    },
+    {
+      "id": "qa-story-12",
+      "tier": 1,
+      "perspective": "qa",
+      "severity": "minor",
+      "category": "scope-dependencies",
+      "universal": false,
+      "applicabilityQuestion": "Does this story depend on other stories, services, or test infrastructure?",
+      "question": "Are dependencies on other stories, test environments, or infrastructure explicitly identified?",
+      "failDescription": "Dependencies are not explicitly identified — QA may be blocked by unresolved dependencies",
+      "failSuggestion": "List all dependencies: prerequisite stories, required test environment services, third-party API availability, and test infrastructure needs"
+    },
+    {
+      "id": "qa-story-13",
+      "tier": 1,
+      "perspective": "qa",
+      "severity": "minor",
+      "category": "scope-dependencies",
+      "universal": false,
+      "applicabilityQuestion": "Does this story deliver functionality incrementally?",
+      "question": "Is the story independent enough to be tested and delivered incrementally without blocking other QA work?",
+      "failDescription": "Story is not independently testable — may block or be blocked by other QA work",
+      "failSuggestion": "Ensure independent testability: define stub/mock strategy for unavailable dependencies, identify parallel testing opportunities"
+    },
+    {
+      "id": "qa-story-14",
+      "tier": 1,
+      "perspective": "qa",
+      "severity": "minor",
+      "category": "best-practices",
+      "universal": false,
+      "applicabilityQuestion": "Does this story involve QA activities?",
+      "question": "Does the story follow QA best practices — traceability from requirements to tests, regression impact analysis, and defect prevention?",
+      "failDescription": "Story does not address QA best practices",
+      "failSuggestion": "Address QA best practices: requirements-to-test traceability matrix, regression impact analysis, and risk-based test prioritization"
+    },
+    {
+      "id": "qa-story-15",
+      "tier": 1,
+      "perspective": "qa",
+      "severity": "minor",
+      "category": "best-practices",
+      "universal": false,
+      "applicabilityQuestion": "Does this story have testing approaches that could lead to anti-patterns?",
+      "question": "Does the story avoid QA anti-patterns — no testing in production only, no missing regression coverage, no undefined exit criteria?",
+      "failDescription": "Story may contain QA anti-patterns",
+      "failSuggestion": "Check for anti-patterns: testing only in production (add staging), missing regression (define regression suite), undefined exit criteria (add done definition)"
+    },
+    {
+      "id": "qa-story-16",
+      "tier": 1,
+      "perspective": "qa",
+      "severity": "major",
+      "category": "acceptance-criteria-quality",
+      "universal": false,
+      "applicabilityQuestion": "Does this story use vague language in its acceptance criteria?",
+      "question": "Do all ACs avoid vague phrases ('handle gracefully', 'validate properly', 'appropriate response') without specifying concrete outcomes?",
+      "failDescription": "ACs use vague language without specifying concrete, testable outcomes",
+      "failSuggestion": "Replace vague phrases with testable outcomes: instead of 'handle errors gracefully', specify 'display error code ERR_001 with message text and retry button'"
+    },
+    {
+      "id": "qa-story-17",
+      "tier": 1,
+      "perspective": "qa",
+      "severity": "major",
+      "category": "testability",
+      "universal": false,
+      "applicabilityQuestion": "Does this story have logic paths that need testing?",
+      "question": "Does at least one AC explicitly list concrete test scenarios (named test cases, boundary values, or error paths)?",
+      "failDescription": "Story lacks a test-boundary AC — no AC names the specific scenarios a developer must test",
+      "failSuggestion": "Add one AC: 'Developer tests must cover: (1) happy path, (2) missing required field, (3) domain-specific error, (4) authentication failure, (5) authorization failure'"
+    }
+  ]
+}