@ryuenn3123/agentic-senior-core 2.5.22 → 3.0.0

package/.agent-context/profiles/regulated.md

@@ -1,13 +0,0 @@
-# Team Profile Pack: Regulated
-
-slug: regulated
-displayName: Regulated Team
-description: Compliance-first defaults with strict policy and locked CI guardrails.
-defaultProfile: strict
-defaultStack: typescript.md
-defaultBlueprint: api-nextjs.md
-ciGuardrails: true
-lockCi: true
-blockingSeverities: critical, high, medium
-owner: governance-office
-lastUpdated: 2026-03-19

package/.agent-context/profiles/startup.md

@@ -1,13 +0,0 @@
-# Team Profile Pack: Startup
-
-slug: startup
-displayName: Startup Team
-description: Fast iteration with balanced guardrails and quick onboarding defaults.
-defaultProfile: balanced
-defaultStack: typescript.md
-defaultBlueprint: api-nextjs.md
-ciGuardrails: true
-lockCi: false
-blockingSeverities: critical, high
-owner: product-engineering
-lastUpdated: 2026-03-19

package/.agent-context/review-checklists/frontend-excellence-rubric.md

@@ -1,73 +0,0 @@
-# Frontend Excellence Rubric (Designer-Grade)
-
-Use this rubric to prevent template-like UI output and enforce intentional product design quality.
-
-## Scoring Model
-
-Score each dimension from 1 to 5.
-- 1: weak or generic quality
-- 3: acceptable production baseline
-- 5: standout quality comparable to top manual design teams
-
-Release recommendation:
-- Minimum average score: 4.0
-- No dimension below: 3
-
-## 1. Visual Direction and Identity
-- [ ] The page has a clear visual direction, not a generic starter layout.
-- [ ] Composition, rhythm, and hierarchy feel intentional across sections.
-- [ ] The output avoids obvious design-template repetition.
-
-## 2. Typography Quality
-- [ ] Font pairing is intentional and role-based (display, body, utility).
-- [ ] Type scale is coherent across mobile and desktop.
-- [ ] Line length, spacing, and emphasis improve readability and scanning.
-
-## 3. Color System Diversity and Contrast
-- [ ] Color palette is purposeful, with semantic roles and contrast-safe pairings.
-- [ ] The result is not a default AI palette or copied trendy scheme without adaptation.
-- [ ] Accent usage supports product intent and interaction priority.
-
-## 4. Interaction Choreography
-- [ ] Motion supports comprehension and hierarchy, not decorative noise.
-- [ ] Entrance and transition timing are consistent and measured.
-- [ ] Reduced-motion fallback preserves usability.
-
-## 5. Responsiveness and Layout Intelligence
-- [ ] Mobile layout is designed, not desktop squeezed into a narrow viewport.
-- [ ] Breakpoint transitions preserve hierarchy, spacing rhythm, and action clarity.
-- [ ] Navigation and key CTA remain explicit across viewport sizes.
-
-## 6. Language and Content Consistency
-- [ ] Content language is consistent across headline, body, CTA, and system messages for the same screen flow.
-- [ ] Mixed-language output appears only when requested by user or product requirement.
-- [ ] Terminology stays stable for repeated actions and labels.
-
-## 7. Text Contrast and Collision Safety
-- [ ] Text-to-background contrast is checked for every semantic token pair used in UI.
-- [ ] No text color clashes with gradients, images, or accent surfaces.
-- [ ] Primary and secondary text remain readable in all supported breakpoints.
-
-## 8. UX Narrative and Conversion Clarity
-- [ ] First viewport communicates value proposition and primary action immediately.
-- [ ] Error, empty, and loading states provide clear next actions.
-- [ ] User journey avoids dead ends and hidden critical actions.
-
-## 9. Template Diversity and Originality
-- [ ] Output is not a copy of a generic starter template or repeated AI layout pattern.
-- [ ] Layout composition shows intentional variation in structure and hierarchy.
-- [ ] Visual intent, interaction quality, and conversion clarity are all explicitly reviewed together.
-
-## Low-Diversity Template Output Policy
-- If output is judged as low-diversity template output, release is blocked until layout direction is revised.
-- Reviewer must record the failing dimensions and expected redesign direction before re-run.
-
-## Benchmark Expectation
-- Treat MiniMax frontend references as baseline, not target ceiling.
-- Target visual and interaction quality aligned with top award-grade manual design workflows (Awwwards-level reference quality).
-- Prefer original composition and branded design systems over template cloning.
-
-## Evidence for Release
-- [ ] Rubric scorecard attached to release artifact.
-- [ ] Screenshot set across key breakpoints attached.
-- [ ] Accessibility and performance evidence attached alongside rubric score.

package/.agent-context/review-checklists/frontend-skill-parity.md

@@ -1,29 +0,0 @@
-# Frontend Skill Parity Checklist
-
-Use this checklist to enforce mandatory frontend parity aligned with benchmark-driven standards from `MiniMax-AI/skills` `frontend-dev` profile.
-
-## Architecture and Composition
-- [ ] Frontend structure follows feature-driven organization.
-- [ ] Smart and dumb component separation is explicit and documented.
-- [ ] Server state and client state boundaries are documented and enforced.
-
-## Interaction and Motion
-- [ ] Primary user journey includes intentional animation without motion overload.
-- [ ] Reduced-motion fallback behavior is implemented and documented.
-- [ ] Transition timing and easing are consistent across key screens.
-
-## Accessibility and Responsiveness
-- [ ] Keyboard navigation works on all critical flows.
-- [ ] Contrast, typography scale, and focus visibility pass baseline checks.
-- [ ] Layout behavior is validated across mobile and desktop breakpoints.
-
-## UX Narrative and Conversion Clarity
-- [ ] Page hierarchy communicates value proposition within first viewport.
-- [ ] Primary calls to action are explicit and consistently placed.
-- [ ] Error and empty states contain actionable guidance.
-
-## Release Evidence
-- [ ] Frontend parity checklist artifact is attached to release evidence.
-- [ ] Frontend usability audit report is attached to release evidence.
-- [ ] Frontend excellence rubric scorecard is attached to release evidence.
-- [ ] Any parity waiver includes owner, expiry, and risk statement.

package/.agent-context/review-checklists/frontend-usability.md

@@ -1,35 +0,0 @@
-# Frontend Usability Checklist — V1.7 Gate
-
-Run this checklist before claiming frontend work is production-ready.
-
-## 1. Visual System
-- [ ] Typography scale is consistent and tokenized.
-- [ ] Color usage follows design tokens and avoids ad-hoc values.
-- [ ] Spacing and layout rhythm is coherent across pages.
-- [ ] Language and terminology stay consistent across headline, body, and CTA for the same flow.
-
-## 2. Responsiveness
-- [ ] Core pages are usable at mobile, tablet, and desktop breakpoints.
-- [ ] Navigation remains accessible and understandable on small screens.
-- [ ] No content overlap, clipped text, or horizontal scroll regressions.
-
-## 3. Accessibility
-- [ ] Keyboard-only navigation covers all critical user paths.
-- [ ] Primary text and actionable controls meet WCAG AA contrast.
-- [ ] Reduced-motion mode is respected for non-essential animations.
-
-## 4. Interaction Quality
-- [ ] Motion is meaningful, not decorative noise.
-- [ ] Loading, empty, and error states are explicitly designed.
-- [ ] CTA hierarchy is clear and supports user intent.
-
-## 5. Performance and Stability
-- [ ] Lighthouse mobile performance target is met on core pages.
-- [ ] No severe layout shift during load and transition.
-- [ ] Visual regression checks cover protected pages.
-
-## 6. Documentation and Release Evidence
-- [ ] Frontend architecture decision is documented.
-- [ ] Visual baseline update process is documented.
-- [ ] Release note includes usability and responsiveness evidence.
-- [ ] Frontend excellence rubric scorecard is attached with release evidence.

package/.agent-context/review-checklists/marketplace-acceptance.md

@@ -1,60 +0,0 @@
-# Marketplace Acceptance Checklist
-
-Use this checklist to evaluate marketplace artifact submissions. Every gate must be verified before assigning a trust tier.
-
-## Tier Assignment Rule
-
-- **Verified**: all 20 gates pass, composite score >= 85
-- **Community**: gates 1-4 pass, composite score >= 50
-- **Experimental**: gate 1 passes, composite score >= 0
-- **Rejected**: gate 1 fails or forbidden content detected
-
-## Documentation (25%)
-
-- [ ] 1. README.md exists and contains at least 200 characters of non-boilerplate content
-- [ ] 2. README includes a usage example or getting-started section
-- [ ] 3. README includes an API or configuration reference
-- [ ] 4. License declaration is present (LICENSE file or header)
-- [ ] 5. No placeholder-only content (no files that are entirely TODO or stub)
-
-## Tests (25%)
-
-- [ ] 6. At least one test file exists in a recognized test directory
-- [ ] 7. All tests pass without errors when executed
-- [ ] 8. Core exported functions have corresponding test cases
-- [ ] 9. No skipped or disabled tests in critical code paths
-- [ ] 10. Test execution command is documented in README or package metadata
-
-## Evidence (25%)
-
-- [ ] 11. Evidence bundle directory exists at artifact root (e.g. `evidence/` or `.evidence/`)
-- [ ] 12. Compatibility manifest is present declaring supported runtimes and IDE versions
-- [ ] 13. Validation report from the most recent CI run is present
-- [ ] 14. Dependency list or SBOM excerpt is present
-- [ ] 15. Evidence files are current (updated within the tier's maxDaysSinceUpdate threshold)
-
-## Maintenance (25%)
-
-- [ ] 16. Last meaningful update is within the tier's maxDaysSinceUpdate threshold
-- [ ] 17. CHANGELOG.md exists with at least one entry for the current major version
-- [ ] 18. No known critical or high-severity vulnerabilities in direct dependencies
-- [ ] 19. Version follows semantic versioning (MAJOR.MINOR.PATCH)
-- [ ] 20. Owner or maintainer is declared in package metadata or README
-
-## Security (Mandatory, All Tiers)
-
-- [ ] Forbidden content scan passes (no hardcoded secrets, API keys, or private paths)
-- [ ] No `eval()` or dynamic code execution in published assets
-- [ ] No network calls to undeclared external endpoints
-
-## Scoring Notes
-
-Composite score is calculated as:
-
-```
-score = (doc_score * 0.25) + (test_score * 0.25) + (evidence_score * 0.25) + (maintenance_score * 0.25)
-```
-
-Each dimension score is: (gates_passed / total_gates_in_dimension) * 100
-
-Tier thresholds are defined in `.agent-context/marketplace/trust-tiers.json`.

package/.agent-context/review-checklists/performance-audit.md

@@ -1,71 +0,0 @@
-# Performance Audit Checklist
-
-> Run this on any code path that handles data, queries, or network requests.
-> Performance problems are architectural — they don't fix themselves.
-
-## Instructions for Agent
-
-Evaluate every item below. For each finding, rate impact:
-- **CRITICAL** — Will cause outage or severe degradation under normal load
-- **HIGH** — Will degrade at scale, fix before production traffic
-- **MEDIUM** — Wasted resources, fix in this sprint
-- **LOW** — Optimization opportunity, track for later
-
-## Context Trigger Policy
-
-- Strict performance audit auto-runs for review requests, PR-intent workflows, and major feature completion.
-- Small edits default to lightweight mode unless strict mode is explicitly forced.
-- User can force strict mode manually at any time.
-
----
-
-## Database & Queries
-
-- [ ] **No N+1 queries** — No database queries inside loops. Use eager loading or joins.
-- [ ] **No unbounded queries** — Every list query has LIMIT / pagination
-- [ ] **No `SELECT *`** — Only select columns that are actually needed
-- [ ] **Indexes exist for frequently queried columns** — WHERE, JOIN, ORDER BY columns
-- [ ] **Composite indexes match query patterns** — Column order matters
-- [ ] **No unnecessary COUNT(*)** — Use EXISTS for existence checks
-- [ ] **Bulk operations used** — insertAll/updateAll instead of loops for batch work
-- [ ] **Connection pool configured** — Not creating new connections per request
-- [ ] **Query execution time logged** — Slow query detection enabled (> 200ms threshold)
-
-## I/O & Network
-
-- [ ] **No synchronous I/O in async context** — No blocking calls in event-loop code
-- [ ] **HTTP requests have timeouts** — Connect (5s) and read (30s) timeouts configured
-- [ ] **Parallel requests when independent** — Use Promise.all / asyncio.gather
-- [ ] **Retry with backoff** — Network calls retry with exponential backoff + jitter
-- [ ] **Response streaming for large data** — Don't buffer entire response in memory
-- [ ] **File uploads size-limited** — Max upload size configured at server level
-
-## Caching
-
-- [ ] **Cache has invalidation strategy** — If cache exists, invalidation is documented
-- [ ] **TTL is reasonable** — Not too long (stale data), not too short (no benefit)
-- [ ] **Cache stampede prevented** — Locking or staggered TTL for popular keys
-- [ ] **Cache key includes relevant context** — User ID, locale, version where needed
-- [ ] **No caching of user-specific data in shared cache** — Privacy and correctness
-
-## Memory
-
-- [ ] **No unbounded in-memory collections** — Arrays/lists don't grow without limit
-- [ ] **Streaming for large datasets** — Cursor/stream instead of loading all into memory
-- [ ] **No memory leaks** — Event listeners cleaned up, intervals cleared, no circular refs
-- [ ] **Resource cleanup** — File handles, DB connections, HTTP clients properly closed
-
-## Frontend Performance (If Applicable)
-
-- [ ] **No unnecessary re-renders** — Memoization where component receives same props
-- [ ] **Images optimized** — Proper format (WebP), lazy loading, responsive sizes
-- [ ] **Bundle size checked** — No 500KB library for a 5-function use case
-- [ ] **API calls deduplicated** — Same data not fetched multiple times in same render
-- [ ] **Pagination/virtualization for long lists** — Not rendering 10,000 DOM nodes
-
-## General
-
-- [ ] **No premature optimization** — Changes based on evidence, not assumptions
-- [ ] **Hot paths identified** — Critical user-facing paths are optimized first
-- [ ] **Compression enabled** — gzip/brotli for HTTP responses
-- [ ] **Rate limiting configured** — API endpoints have request limits

package/.agent-context/review-checklists/release-operations.md

@@ -1,33 +0,0 @@
-# Release Operations Checklist (V1.8)
-
-Use this checklist before promoting any release tag or package publish operation.
-
-## 0) Terminology Boundary (Compliance and Audit)
-- Compliance and audit artifacts keep the canonical enterprise term: `Federated Governance`.
-- Developer-facing aliases are allowed outside compliance artifacts when first mention includes the canonical term in parentheses.
-
-## 1) Versioning and Changelog Integrity
-- `package.json` version is valid semantic version (`x.y.z`).
-- `CHANGELOG.md` has a matching release header for the package version.
-- `docs/roadmap.md` reflects release status and scope for the current milestone.
-
-## 2) Quality Gates and Test Evidence
-- `npm run validate` passes with zero failures.
-- `npm run test` passes on the full suite.
-- Frontend governance gate (`npm run audit:frontend-usability`) passes.
-- Release governance gate (`npm run gate:release`) passes.
-
-## 3) Supply Chain and Compliance Evidence
-- SBOM is generated with `npm run sbom:generate`.
-- CI uploads SBOM artifact for retention and audit traceability.
-- CI uploads release-gate report artifact for each run.
-
-## 4) Security and Override Governance
-- `.agent-override.md` entries have valid `Owner` and `Expiry` metadata.
-- No expired overrides remain active.
-- Any temporary exception has explicit rollback owner and date.
-
-## 5) Publish Readiness
-- Release notes summarize scope, risks, and rollback steps.
-- Required GitHub workflows are green on target commit.
-- Tag and publish command are executed only after all checks pass.

package/.agent-context/review-checklists/security-audit.md

@@ -1,119 +0,0 @@
-# Security Audit Checklist — OWASP-Aligned
-
-> Run this on any code that handles authentication, authorization,
-> user input, or external data. When in doubt, run it anyway.
-
-## Instructions for Agent
-
-Evaluate every item below against the current code. For each finding, rate severity:
-- 🔴 **CRITICAL** — Exploitable now, must fix before deploy
-- 🟠 **HIGH** — Likely exploitable, fix in this PR
-- 🟡 **MEDIUM** — Potential risk, fix before production
-- 🟢 **LOW** — Minor, fix when convenient
-
-Output format:
-```
-## SECURITY AUDIT RESULTS
-━━━━━━━━━━━━━━━━━━━━━━━━━
-
-🔴 CRITICAL: [finding title]
-   Location: [file:line]
-   Risk: [what an attacker could do]
-   Fix: [specific remediation]
-
-VERDICT: X findings (🔴 N critical, 🟠 N high, 🟡 N medium, 🟢 N low)
-```
-
-## Context Trigger Policy
-
-- Strict security audit auto-runs for review requests, PR-intent workflows, and major feature completion.
-- Small edits default to lightweight mode unless strict mode is explicitly forced.
-- User can force strict mode manually at any time.
-
----
-
-## A1: Injection (SQL, NoSQL, OS, LDAP)
-
-- [ ] No string concatenation in SQL queries → use parameterized queries
-- [ ] No string interpolation in OS commands → use argument arrays
-- [ ] No raw user input in regex → escape or use validated patterns
-- [ ] ORM/query builder used correctly (no raw queries with user input)
-- [ ] No `eval()`, `new Function()`, or `exec()` with user-controlled input
-
-## A2: Broken Authentication
-
-- [ ] Passwords hashed with bcrypt (cost ≥ 12) or argon2
-- [ ] No MD5, SHA1, or SHA256 for password hashing
-- [ ] Rate limiting on login endpoints (max 5 per minute per IP)
-- [ ] Session tokens are cryptographically random (≥ 256 bits)
-- [ ] JWT tokens have reasonable expiration (≤ 15 min for access, ≤ 7 days refresh)
-- [ ] Refresh token rotation implemented (invalidate old token on use)
-- [ ] Password reset tokens are single-use and time-limited (≤ 1 hour)
-
-## A3: Sensitive Data Exposure
-
-- [ ] No secrets in source code (API keys, passwords, tokens)
-- [ ] No secrets in git history (check with `git log -p | grep -i secret`)
-- [ ] Sensitive fields excluded from API responses (password, tokens, internal IDs)
-- [ ] Sensitive fields excluded from logs (passwords, tokens, PII)
-- [ ] HTTPS enforced (HSTS header present)
-- [ ] Sensitive cookies have `Secure`, `HttpOnly`, `SameSite` flags
-
-## A4: Broken Access Control
-
-- [ ] Authorization enforced server-side (not just client-side UI hiding)
-- [ ] Resource ownership verified (user can only access their own data)
-- [ ] Default deny — if no rule grants access, deny
-- [ ] Admin endpoints require admin role verification
-- [ ] No direct object reference without access check (IDOR prevention)
-- [ ] CORS configured with specific origins (not `*`)
-- [ ] File upload paths don't allow directory traversal
-
-## A5: Security Misconfiguration
-
-- [ ] Debug mode disabled in production (no stack traces to client)
-- [ ] Default credentials changed
-- [ ] Unnecessary features/endpoints disabled
-- [ ] Security headers present:
-  - `Strict-Transport-Security`
-  - `Content-Security-Policy`
-  - `X-Content-Type-Options: nosniff`
-  - `X-Frame-Options: DENY`
-  - `Referrer-Policy`
-- [ ] Error responses don't reveal framework/version info
-
-## A6: XSS (Cross-Site Scripting)
-
-- [ ] No `innerHTML`, `dangerouslySetInnerHTML`, or `v-html` with user data
-- [ ] Output encoding applied when rendering user input
-- [ ] Content-Security-Policy header restricts inline scripts
-- [ ] URL parameters validated before rendering
-
-## A7: Insecure Dependencies
-
-- [ ] No known vulnerabilities in dependencies (`npm audit` clean)
-- [ ] Dependencies are actively maintained (check pulse)
-- [ ] Lock files committed and up-to-date
-- [ ] No unnecessary dependencies (check efficiency-vs-hype.md)
-
-## A8: Logging & Monitoring
-
-- [ ] Authentication failures logged with IP and timestamp
-- [ ] Authorization failures logged with userId and resource
-- [ ] Critical operations logged (data deletion, role changes, exports)
-- [ ] Logs do NOT contain passwords, tokens, or full credit card numbers
-- [ ] Log injection prevented (sanitize user input before logging)
-
-## A9: Rate Limiting
-
-- [ ] Auth endpoints rate-limited
-- [ ] API endpoints have reasonable rate limits
-- [ ] File upload size limits configured
-- [ ] Pagination limits enforced (prevent requesting 1M records)
-
-## A10: Mass Assignment
-
-- [ ] Input DTOs explicitly whitelist allowed fields
-- [ ] No `Object.assign(entity, req.body)` without field filtering
-- [ ] Admin-only fields (role, permissions) can't be set by regular users
-- [ ] Database updates use explicit field sets, not spread operators on raw input

package/.agent-context/skills/README.md

@@ -1,63 +0,0 @@
-# Skill Platform
-
-The skill platform is the internal skill system for Agentic-Senior-Core.
-
-## Design Goals
-- Unify skill content from benchmark repositories into one governed platform.
-- Make `advance` the default operating tier.
-- Keep `standard` only as a compatibility fallback.
-- Require evidence, validation, and release gates for every skill pack.
-
-## Tier Model
-
-### standard
-- Compatibility mode only.
-- Minimal guidance.
-- No default status for new work.
-
-### advance
-- Default operating tier.
-- Efficient, opinionated, and production-aware.
-- Used for normal feature delivery.
-
-### expert
-- For complex architecture, integration, and critical refactors.
-- Requires stronger evidence and review depth.
-
-### above
-- For release-critical, cross-domain, or enterprise governance work.
-- Requires full evidence bundle and explicit owner signoff.
-
-## Domain Packs
-- [Frontend](frontend/README.md)
-- [Backend](backend/README.md)
-- [Fullstack](fullstack/README.md)
-- [CLI](cli/README.md)
-- [Distribution](distribution/README.md)
-- [Review Quality](review-quality/README.md)
-
-## Folder Structure
-```text
-.agent-context/skills/
-├── README.md
-├── index.json
-├── frontend/
-├── backend/
-├── fullstack/
-├── cli/
-├── distribution/
-└── review-quality/
-```
-
-Each domain folder has its own README plus topic-level docs so the platform can scale like a curated skills library.
-
-## Benchmark Sources
-- sickn33/antigravity-awesome-skills
-- github/awesome-copilot
-- MiniMax-AI/skills
-
-## Platform Rules
-- Every skill pack must define purpose, inputs, outputs, validation, evidence, and fallback.
-- Every skill pack must state the default tier it targets.
-- Every release must include a skill parity check for the configured tiers.
-- Every deviation from the default tier must be justified in the evidence bundle.

package/.agent-context/skills/backend/README.md

@@ -1,68 +0,0 @@
-# Backend Engineering Skills
-
-The backend domain covers server-side architecture, business logic, data access patterns, error handling, and operational concerns. Content consolidated from **antigravity-awesome-skills**, **awesome-copilot**, and **MiniMax-AI/skills**, with supercharging improvements ("above the line" automation and enforcement).
-
-## Topics
-
-- **[architecture.md](architecture.md)** - Layered design (Transport->Service->Repository), monolith vs microservices, SoC patterns, dependency management, strangler fig migrations
-- **[validation.md](validation.md)** - Input sanitization, schema validation at API boundary, parameterized queries, typed errors
-- **[data-access.md](data-access.md)** - Database design (3NF), query optimization (N+1 detection), safe zero-downtime migrations, indexing strategy
-- **[errors.md](errors.md)** - Typed error codes, recovery patterns, debugging protocols, logging + correlation IDs
-
-## What Makes Ours Different
-
-- Layered Architecture (awesome-copilot) + Microservices Decision Framework (antigravity) + Project Structure (minimax)
-- Dependency Auditor (ABOVE LINE) - Detect circular dependencies and enforce Transport->Service->Repository direction
-- Zero-Downtime Migration Validator (ABOVE LINE) - Scan migrations, flag risky patterns, and suggest remediation
-- Secrets Detector (ABOVE LINE) - Static scan for hardcoded API keys and database passwords
-
-## Recommended Reading Order
-
-1. `architecture.md` - Understand mental models (EXPERT tier)
-2. `validation.md` - Protect at boundaries (ADVANCE tier)
-3. `data-access.md` - Query strategy (EXPERT tier)
-4. `errors.md` - Error handling pipeline (ADVANCE tier)
-
-Then run:
-```bash
-npm run validate            # Ensure tier structure
-npm test                    # Verify examples compile
-agentic-senior-core skill backend --tier expert  # See consolidated content
-```
-
-## Tier Defaults per Topic
-
-| Topic | Default Tier | Focus |
-|-------|--------------|-------|
-| architecture | EXPERT | Layering, dependencies, monolith->microservices migration |
-| validation | ADVANCE | Boundary protection, Zod/Pydantic examples |
-| data-access | EXPERT | 3NF design, N+1 patterns, safe migrations, indexed FKs |
-| errors | ADVANCE | Typed codes, recovery, correlation IDs, logging |
-
-## Comparative Coverage vs Benchmarks
-
-| Aspect | antigravity | awesome-copilot | MiniMax | Ours |
-|--------|-------------|-----------------|---------|------|
-| Layered Architecture | Medium | High | Medium | High + policy enforcement |
-| Monolith to Microservices | High | Medium | Medium | High + migration strategy |
-| Database Design | Medium | High | Medium | High + guardrails |
-| Error Handling | High | Medium | Medium | High + typed recovery path |
-| Automation Tools | None | None | None | Dependency auditor, migration validator, secrets scanner |
-
-## How to Use
-
-**For init workflow:**
-```bash
-agentic-senior-core init --stack typescript --blueprint api-nextjs
-# Activates: frontend, fullstack, backend, cli skills
-# Default tier: advance
-```
-
-**For explicit skill selection:**
-```bash
-agentic-senior-core skill backend --tier expert
-# Outputs: architecture + validation + data-access + errors at EXPERT level
-```
-
-**For skill reference in .cursorrules:**
-Content from this domain automatically includes in `.cursorrules` when activated.