claudeos-core 1.0.7 → 1.2.0

package/pass-prompts/templates/java-spring/pass2.md

@@ -1,80 +1,80 @@
-claudeos-core/generated/ 디렉토리에서 pass1-*.json 파일을 전부 읽고,
-모든 도메인의 분석 결과를 하나로 통합해줘.
+Read all pass1-*.json files from the claudeos-core/generated/ directory and
+merge all domain analysis results into a single unified report.
 
-통합 항목:
+Merge items:
 
-1. 전체 공통 패턴 (모든 도메인이 100% 공유하는 것)
-   - Controller 스타일 (어노테이션, URL 패턴, 응답 형식)
-   - Service 트랜잭션 전략 (propagation, readOnly)
-   - 데이터 접근 패턴 (ORM 방식, Repository/Mapper 구조)
-   - DTO/Entity 규칙 (상속, Lombok, 명명)
-   - 에러 핸들링 패턴 (예외 계층, @ControllerAdvice)
-   - Interceptor/Filter/AOP 패턴
+1. Universal Patterns (shared by 100% of all domains)
+   - Controller style (annotations, URL patterns, response format)
+   - Service transaction strategy (propagation, readOnly)
+   - Data access patterns (ORM approach, Repository/Mapper structure)
+   - DTO/Entity rules (inheritance, Lombok, naming)
+   - Error handling patterns (exception hierarchy, @ControllerAdvice)
+   - Interceptor/Filter/AOP patterns
 
-2. 다수 공유 패턴 (50% 이상 도메인이 공유)
-   - 어떤 도메인들이 공유하는지 명시
+2. Majority Patterns (shared by 50%+ of domains)
+   - Specify which domains share them
 
-3. 도메인 특화 패턴 (해당 도메인만 가진 것)
-   - 파일 업로드: 어느 도메인
-   - Excel: 어느 도메인
-   - 일괄 처리: 어느 도메인
-   - 상태 전이: 어느 도메인
-   - 스케줄링: 어느 도메인
-   - 외부 연동: 어느 도메인
-   - 메시징: 어느 도메인
+3. Domain-Specific Patterns (unique to a single domain)
+   - File upload: which domain
+   - Excel: which domain
+   - Bulk processing: which domain
+   - State transitions: which domain
+   - Scheduling: which domain
+   - External integrations: which domain
+   - Messaging: which domain
 
-4. 안티패턴 종합
-   - 모든 도메인에서 발견된 비일관성 통합
-   - 심각도별 분류 (CRITICAL / HIGH / MEDIUM / LOW)
+4. Anti-pattern Summary
+   - Consolidate all inconsistencies found across domains
+   - Classify by severity (CRITICAL / HIGH / MEDIUM / LOW)
 
-5. 명명 규칙 종합
-   - 패키지 구조 규칙
-   - 클래스/메서드 네이밍 규칙
-   - DTO/Entity 명명 규칙
-   - URL 패턴 규칙
-   - DB 테이블/컬럼 네이밍
+5. Naming Conventions Summary
+   - Package structure conventions
+   - Class/method naming conventions
+   - DTO/Entity naming conventions
+   - URL pattern conventions
+   - DB table/column naming
 
-6. 공통 클래스/유틸리티 목록
-   - Base 클래스 필드 (재선언 금지)
-   - 공유 유틸리티 클래스
-   - 상수/Enum 관리 방식
+6. Common Classes/Utilities List
+   - Base class fields (must not be redeclared)
+   - Shared utility classes
+   - Constants/Enum management approach
 
-7. 보안/인증 패턴
-   - 인증 방식 (JWT, Session, OAuth2)
-   - 권한 체크 방식 (@PreAuthorize, SecurityConfig)
-   - CORS 설정
-   - 환경별 보안 설정
+7. Security/Authentication Patterns
+   - Authentication method (JWT, Session, OAuth2)
+   - Authorization check method (@PreAuthorize, SecurityConfig)
+   - CORS configuration
+   - Per-environment security settings
 
-8. DB 패턴
-   - 테이블 네이밍 규칙
-   - 마이그레이션 전략 (Flyway, Liquibase, 수동)
-   - 감사 컬럼 규격
-   - PK 생성 전략
-   - 인덱스/제약 조건 관례
+8. Database Patterns
+   - Table naming conventions
+   - Migration strategy (Flyway, Liquibase, manual)
+   - Audit column specification
+   - PK generation strategy
+   - Index/constraint conventions
 
-9. 테스트 전략 종합
-   - 테스트 커버리지 수준
-   - 테스트 분류 체계 (단위/통합/슬라이스)
-   - 모킹 전략
-   - 테스트 네이밍 규칙
-   - 테스트 데이터 관리
+9. Testing Strategy Summary
+   - Test coverage level
+   - Test classification system (unit/integration/slice)
+   - Mocking strategy
+   - Test naming conventions
+   - Test data management
 
-10. 로깅/모니터링 전략
-    - 로거 표준
-    - 로그 레벨 정책
-    - 구조화 로깅 방식
-    - 요청/응답 로깅
+10. Logging/Monitoring Strategy
+    - Logger standard
+    - Log level policy
+    - Structured logging approach
+    - Request/response logging
 
-11. 성능 패턴
-    - 캐싱 전략
-    - 쿼리 최적화 현황
-    - 비동기 처리 현황
-    - 커넥션 풀 설정
+11. Performance Patterns
+    - Caching strategy
+    - Query optimization status
+    - Async processing status
+    - Connection pool configuration
 
-12. 코드 품질 도구
-    - Lint/Format 도구 (Checkstyle, SpotBugs, PMD, Spotless)
-    - 코드 리뷰 규칙
-    - CI 연동 현황
+12. Code Quality Tools
+    - Lint/Format tools (Checkstyle, SpotBugs, PMD, Spotless)
+    - Code review rules
+    - CI integration status
 
-코드 생성은 하지 마. 통합만.
-결과를 claudeos-core/generated/pass2-merged.json에 저장.
+Do not generate code. Merge only.
+Save results to claudeos-core/generated/pass2-merged.json.

package/pass-prompts/templates/java-spring/pass3.md

@@ -1,61 +1,61 @@
-claudeos-core/generated/project-analysis.json과
-claudeos-core/generated/pass2-merged.json을 읽고,
-분석 결과를 기반으로 ClaudeOS-Core 파일을 전부 생성해줘.
+Read claudeos-core/generated/project-analysis.json and
+claudeos-core/generated/pass2-merged.json, then
+generate all ClaudeOS-Core files based on the analysis results.
 
-원본 소스 코드를 다시 읽지 마. 분석 결과만 참조.
+Do not read the original source code again. Reference only the analysis results.
 
-생성 대상:
+Generation targets:
 
-1. CLAUDE.md (프로젝트 루트)
-   - Role 정의 (분석된 스택 기반)
+1. CLAUDE.md (project root)
+   - Role definition (based on detected stack)
    - Build & Run Commands (Gradle/Maven)
-   - 핵심 아키텍처 다이어그램
-   - DB 테이블 네이밍 규칙
-   - Standard/Skills/Guide 참조 테이블
+   - Core architecture diagram
+   - DB table naming conventions
+   - Standard/Skills/Guide reference table
 
-2. claudeos-core/standard/ (활성 도메인만)
-   - 00.core/01.project-overview.md — 스택, 모듈, API 서버 정보
-   - 00.core/02.architecture.md — 레이어 구조, 요청 흐름, 패키지 구조
-   - 00.core/03.naming-conventions.md — 클래스/DTO/Entity/테이블 명명규칙
-   - 10.backend-api/01.controller-patterns.md — Controller 작성 규칙 + 예시
-   - 10.backend-api/02.service-patterns.md — 트랜잭션, DI, 비즈니스 로직 패턴
-   - 10.backend-api/03.data-access-patterns.md — ORM 패턴 (감지된 MyBatis/JPA/QueryDSL에 맞게)
-   - 10.backend-api/04.response-exception.md — 응답/에러 핸들링 패턴
-   - 10.backend-api/05.dto-validation.md — DTO 작성 규칙, Validation
-   - 10.backend-api/06.interceptor-filter-aop.md — 미들웨어, AOP, 로깅 인터셉터
-   - 20.frontend-ui/* — (프론트 감지 시에만 생성)
-   - 30.security-db/01.security-auth.md — 인증, 권한, CORS
-   - 30.security-db/02.database-schema.md — DDL, 마이그레이션, 감사 컬럼
-   - 30.security-db/03.common-utilities.md — 공통 유틸, 상수, Base 클래스
-   - 40.infra/01.environment-config.md — 프로파일, 환경변수, 설정 관리
-   - 40.infra/02.logging-monitoring.md — 로깅 표준, 모니터링, 알림
-   - 40.infra/03.cicd-deployment.md — CI/CD 파이프라인, 배포 전략
-   - 50.verification/01.development-verification.md — 빌드, 기동, API 테스트
-   - 50.verification/02.testing-strategy.md — 테스트 전략, 모킹, 커버리지
+2. claudeos-core/standard/ (active domains only)
+   - 00.core/01.project-overview.md — Stack, modules, API server info
+   - 00.core/02.architecture.md — Layer structure, request flow, package structure
+   - 00.core/03.naming-conventions.md — Class/DTO/Entity/table naming conventions
+   - 10.backend-api/01.controller-patterns.md — Controller writing rules + examples
+   - 10.backend-api/02.service-patterns.md — Transactions, DI, business logic patterns
+   - 10.backend-api/03.data-access-patterns.md — ORM patterns (tailored to detected MyBatis/JPA/QueryDSL)
+   - 10.backend-api/04.response-exception.md — Response/error handling patterns
+   - 10.backend-api/05.dto-validation.md — DTO writing rules, Validation
+   - 10.backend-api/06.interceptor-filter-aop.md — Middleware, AOP, logging interceptors
+   - 20.frontend-ui/* — (generate only if frontend detected)
+   - 30.security-db/01.security-auth.md — Authentication, authorization, CORS
+   - 30.security-db/02.database-schema.md — DDL, migrations, audit columns
+   - 30.security-db/03.common-utilities.md — Common utilities, constants, Base classes
+   - 40.infra/01.environment-config.md — Profiles, environment variables, configuration management
+   - 40.infra/02.logging-monitoring.md — Logging standards, monitoring, alerts
+   - 40.infra/03.cicd-deployment.md — CI/CD pipeline, deployment strategy
+   - 50.verification/01.development-verification.md — Build, startup, API testing
+   - 50.verification/02.testing-strategy.md — Testing strategy, mocking, coverage
 
-   각 파일에는 반드시 포함:
-   - 올바른 예시 (✅ 코드 블록)
-   - 잘못된 예시 (❌ 코드 블록)
-   - 핵심 규칙 요약 테이블
+   Each file MUST include:
+   - Correct examples (✅ code blocks)
+   - Incorrect examples (❌ code blocks)
+   - Key rules summary table
 
-3. .claude/rules/ (활성 도메인만)
-   - 각 규칙 파일에 paths: frontmatter 포함 (이 프로젝트 패키지 경로에 맞게)
-   - 핵심 규칙 5~10줄 직접 기술
-   - @import로 상세 standard 참조 (경로: @../../claudeos-core/standard/...)
-   - @import로 skills 오케스트레이터 참조
+3. .claude/rules/ (active domains only)
+   - Each rule file must include paths: frontmatter (matching this project's package paths)
+   - Write 5-10 lines of key rules directly
+   - Reference detailed standards via @import (path: @../../claudeos-core/standard/...)
+   - Reference skills orchestrator via @import
 
-4. .claude/rules/50.sync/ (동기화 규칙 3개)
-   - 01.standard-sync.md — standard 수정 시 plan/10 자동 갱신
-   - 02.rules-sync.md — rules 수정 시 plan/20 자동 갱신
-   - 03.skills-sync.md — skills 수정 시 plan/30 자동 갱신
+4. .claude/rules/50.sync/ (3 sync rules)
+   - 01.standard-sync.md — Auto-update plan/10 when standard is modified
+   - 02.rules-sync.md — Auto-update plan/20 when rules are modified
+   - 03.skills-sync.md — Auto-update plan/30 when skills are modified
 
-5. claudeos-core/skills/ (활성 도메인만)
-   - 10.backend-crud/01.scaffold-crud-feature.md (오케스트레이터)
-   - 10.backend-crud/scaffold-crud-feature/01~08 (하위 스킬: controller, service, repository, entity, dto, migration, test, index)
-   - 20.frontend-page/* (프론트 감지 시에만)
-   - 00.shared/MANIFEST.md (스킬 레지스트리)
+5. claudeos-core/skills/ (active domains only)
+   - 10.backend-crud/01.scaffold-crud-feature.md (orchestrator)
+   - 10.backend-crud/scaffold-crud-feature/01~08 (sub-skills: controller, service, repository, entity, dto, migration, test, index)
+   - 20.frontend-page/* (only if frontend detected)
+   - 00.shared/MANIFEST.md (skill registry)
 
-6. claudeos-core/guide/ (전체)
+6. claudeos-core/guide/ (all)
    - 01.onboarding/01.overview.md
    - 01.onboarding/02.quickstart.md
    - 01.onboarding/03.glossary.md
@@ -66,17 +66,17 @@ claudeos-core/generated/pass2-merged.json을 읽고,
    - 04.architecture/01.file-map.md
    - 04.architecture/02.pros-and-cons.md
 
-7. claudeos-core/plan/ (마스터 플랜 — 생성한 파일의 전문을 <file> 블록에 삽입)
-   - 10.standard-master.md — CLAUDE.md + standard/ 전체 <file> 블록
-   - 20.rules-master.md — rules/ (sync 제외) 전체 <file> 블록
-   - 21.sync-rules-master.md — sync 규칙 전체 (코드블록 방식)
-   - 30.backend-skills-master.md — backend skills 전체 <file> 블록
-   - 31.frontend-skills-master.md — frontend skills 전체 <file> 블록 (프론트 감지 시)
-   - 40.guides-master.md — guide/ 전체 <file> 블록
+7. claudeos-core/plan/ (Master Plan — insert full file content in <file> blocks)
+   - 10.standard-master.md — CLAUDE.md + all standard/ files as <file> blocks
+   - 20.rules-master.md — All rules/ (except sync) as <file> blocks
+   - 21.sync-rules-master.md — All sync rules (code block format)
+   - 30.backend-skills-master.md — All backend skills as <file> blocks
+   - 31.frontend-skills-master.md — All frontend skills as <file> blocks (if frontend detected)
+   - 40.guides-master.md — All guide/ files as <file> blocks
 
-8. claudeos-core/database/ (DB 관련 문서)
-   - 01.schema-overview.md — 테이블 목록, ER 다이어그램 설명
-   - 02.migration-guide.md — 마이그레이션 절차, 롤백 방법
+8. claudeos-core/database/ (DB documentation)
+   - 01.schema-overview.md — Table list, ER diagram description
+   - 02.migration-guide.md — Migration procedure, rollback methods
 
-9. claudeos-core/mcp-guide/ (MCP 서버 연동 가이드)
-   - 01.mcp-overview.md — 사용 중인 MCP 서버 목록, 연동 방법
+9. claudeos-core/mcp-guide/ (MCP server integration guide)
+   - 01.mcp-overview.md — List of MCP servers in use, integration methods

package/pass-prompts/templates/kotlin-spring/pass1.md

@@ -0,0 +1,172 @@
+Read claudeos-core/generated/project-analysis.json and
+perform a deep analysis of the following domains only: {{DOMAIN_GROUP}}
+
+For each domain, select one representative file per layer, read its code, and analyze it.
+Prioritize files with the richest patterns.
+For multi-module domains, analyze files from EACH module (command, query, bff) separately.
+
+Analysis items (per domain):
+
+1. Controller/Router Patterns
+   - Class annotations (@RestController, @Controller, inheritance, RequestMapping)
+   - Kotlin-specific syntax (suspend functions, coroutines in controllers)
+   - Method mappings (@GetMapping, @PostMapping, @PutMapping, @DeleteMapping, @PatchMapping)
+   - URL patterns (RESTful conventions, naming, versioning)
+   - Parameter binding (@RequestBody, @PathVariable, @RequestParam, @ModelAttribute)
+   - Response format (ResponseEntity, custom response wrappers, sealed class responses)
+   - Error handling (try-catch, @ExceptionHandler, @ControllerAdvice, Result/Either pattern)
+   - Authentication/authorization (@AuthenticationPrincipal, @PreAuthorize, SecurityContext)
+   - API documentation (Swagger/SpringDoc annotations)
+   - Pagination (Pageable, custom paging parameters, Slice vs Page)
+   - **CQRS split**: How command controllers differ from query controllers
+
+2. BFF (Backend For Frontend) Patterns — if BFF module exists
+   - Feign Client declarations (@FeignClient, configuration, fallback)
+   - Response composition (aggregating responses from multiple backend services)
+   - Request transformation (client request → backend request mapping)
+   - Error propagation (how backend errors are translated for clients)
+   - Caching at BFF level
+   - Mobile vs Web differentiation (if separate BFF servers exist)
+
+3. Service Patterns
+   - Class annotations (@Service, @Transactional)
+   - Kotlin-specific patterns (extension functions, scope functions let/run/apply/also)
+   - Transaction strategy (class-level vs method-level, readOnly separation, propagation)
+   - Dependency injection (constructor injection, @Autowired, Spring functional style)
+   - Business exception handling (custom Exception hierarchy, sealed class exceptions)
+   - Validation logic placement (within Service vs separate Validator)
+   - Event handling (ApplicationEventPublisher, @EventListener, @TransactionalEventListener)
+   - **CQRS split**: Command service vs Query service patterns
+
+4. Data Access Patterns
+   - ORM approach (JPA/Hibernate, MyBatis, Exposed, jOOQ, Spring Data JDBC)
+   - Repository/Mapper interface structure (inheritance, custom methods)
+   - Read/write DB separation (if applicable — separate datasource config)
+   - Pagination approach (Pageable, custom, Slice)
+   - Audit columns (createdAt/updatedAt/createdBy/updatedBy, @CreatedDate, @LastModifiedDate)
+   - NULL handling strategy (Kotlin nullability vs DB null)
+   - PK generation strategy (AUTO_INCREMENT, SEQUENCE, UUID, ULID, custom)
+   - N+1 handling (fetch join, @EntityGraph, BatchSize, @Fetch)
+   - Dynamic queries (Specification, QueryDSL, MyBatis dynamic SQL, Criteria API)
+
+5. DTO/VO/Entity Patterns
+   - Kotlin class types (data class, value class, sealed class, enum class)
+   - Request/Response DTO separation rules
+   - DTO naming conventions
+   - **DTO vs VO distinction**: DTO (data transfer, mutable) vs VO (domain concept, immutable, equality by value)
+   - VO usage patterns (value class for single-value VO, data class for multi-field VO)
+   - VO examples: Money, Address, Email, PhoneNumber, DateRange, Quantity
+   - VO location (domain layer vs shared-lib)
+   - Nullable vs non-nullable field rules
+   - Validation annotations (@field:NotNull, @field:NotBlank, @field:Size, custom)
+   - Conversion approach (mapstruct-kotlin, manual extension functions, toEntity/toDto)
+   - Serialization (Jackson Kotlin module, kotlinx.serialization)
+
+6. Aggregate/Aggregate Root Patterns
+   - Aggregate boundary definition (which entities belong together)
+   - Aggregate Root identification (entry point entity for the aggregate)
+   - Aggregate Root patterns: enforce invariants, control child entity access
+   - Repository per Aggregate Root (not per entity)
+   - Inter-aggregate references (by ID only, not by object reference)
+   - Domain event publishing from Aggregate Root
+   - Aggregate size strategy (small aggregates vs large aggregates)
+   - Aggregator service patterns (composing data from multiple aggregates/services)
+   - Aggregator vs BFF distinction (internal aggregation vs client-facing composition)
+
+7. Inter-Module Communication Patterns
+   - Feign Client patterns (declaration, configuration, interceptors, error decoder)
+   - Event/Pub-Sub patterns (Kafka, RabbitMQ, Spring Events, custom event bus)
+   - Shared library usage (shared-lib classes, DTOs, utils used across modules)
+   - Integration library patterns (integration-lib contracts, adapters)
+   - Module boundary rules (what can/cannot be shared)
+
+8. Configuration/Environment Patterns
+   - Profile separation (local/dev/stg/prod)
+   - Configuration loading (@ConfigurationProperties, @Value, Environment)
+   - Multi-module config (shared vs per-module application.yml)
+   - Build configuration (Gradle Kotlin DSL, dependency management, version catalogs)
+   - External configuration (application.yml structure, environment variables)
+
+9. Logging Patterns
+   - Logger usage (SLF4J, Logback, kotlin-logging, mu-logging)
+   - Companion object logger pattern
+   - Log level policy
+   - Structured logging (MDC, JSON format)
+   - Request/response logging approach (interceptor, filter)
+
+10. Testing Patterns
+   - Test framework (JUnit 5, Kotest, MockK, AssertJ)
+   - Kotlin-specific testing (shouldBe, slot, coEvery for coroutines)
+   - Test classification (unit/integration/slice)
+   - @SpringBootTest vs @WebMvcTest vs @DataJpaTest
+   - Mocking strategy (MockK mockk/every/verify, @MockkBean)
+   - Test data management (TestFixture, Builder pattern, Object Mother)
+   - Test naming conventions (backtick method names, BDD style)
+
+11. Domain-Specific Patterns
+    - File upload/download (MultipartFile, S3)
+    - Excel import/export (Apache POI, EasyExcel)
+    - Bulk processing (Batch CUD, Spring Batch)
+    - State transition logic (state machine, sealed class-based)
+    - Scheduling (@Scheduled, Quartz)
+    - External API integration (WebClient, RestClient, FeignClient, Retrofit)
+    - Caching (@Cacheable, Redis, Caffeine)
+    - Messaging (Kafka, RabbitMQ)
+    - Internationalization (MessageSource, LocaleResolver)
+    - Coroutines/async patterns (suspend functions, Flow, Deferred)
+
+12. Anti-patterns / Inconsistencies
+    - Code with differing styles within the domain
+    - Patterns inconsistent between command and query modules
+    - Java-style code in Kotlin (not using Kotlin idioms)
+    - Nullable abuse (!! operator overuse, platform types)
+    - Performance issues (N+1, unnecessary queries, blocking calls in coroutines)
+    - Security issues (SQL Injection potential, missing authorization)
+    - Module boundary violations (direct DB access from BFF, circular dependencies)
+    - Aggregate boundary violations (cross-aggregate direct references, oversized aggregates)
+    - VO misuse (mutable VOs, VOs with identity, DTO used where VO should be)
+
+Do not create files. Analysis only.
+Save results to claudeos-core/generated/pass1-{{PASS_NUM}}.json in the following format:
+
+{
+  "analyzedAt": "ISO timestamp",
+  "passNum": {{PASS_NUM}},
+  "domains": ["reservation", "payment", "iam", "channel"],
+  "analysisPerDomain": {
+    "reservation": {
+      "modules": ["reservation-command-server", "common-query-server"],
+      "serverTypes": ["command", "query"],  // omit if single-module (non-CQRS) project
+      "representativeFiles": {
+        "commandController": "servers/command/reservation-command-server/.../ReservationCommandController.kt",
+        "queryController": "servers/query/common-query-server/.../ReservationQueryController.kt",
+        "commandService": "...ReservationCommandService.kt",
+        "queryService": "...ReservationQueryService.kt",
+        "repository": "...ReservationRepository.kt",
+        "entity": "...Reservation.kt",
+        "dto": "...ReservationRequest.kt",
+        "vo": "...Money.kt (if exists)",
+        "aggregate": "...ReservationAggregate.kt (if exists)"
+      },
+      "patterns": {
+        "controller": { "command": { ... }, "query": { ... } },
+        "bff": { ... },
+        "service": { "command": { ... }, "query": { ... } },
+        "dataAccess": { ... },
+        "dto": { ... },
+        "vo": { ... },
+        "aggregate": { ... },
+        "interModule": { ... },
+        "config": { ... },
+        "logging": { ... },
+        "testing": { ... }
+      },
+      "specialPatterns": [],
+      "antiPatterns": []
+    }
+  },
+  "crossDomainCommon": {
+    "description": "Patterns commonly used across domains in this group",
+    "patterns": []
+  }
+}

package/pass-prompts/templates/kotlin-spring/pass2.md

@@ -0,0 +1,109 @@
+Read all pass1-*.json files from the claudeos-core/generated/ directory and
+merge all domain analysis results into a single unified report.
+
+Merge items:
+
+1. Universal Patterns (shared by 100% of all domains)
+   - Controller style (annotations, URL patterns, response format)
+   - CQRS split conventions (command controller vs query controller differences)
+   - Service transaction strategy (propagation, readOnly)
+   - Data access patterns (ORM approach, Repository/Mapper structure)
+   - DTO/VO/Entity rules (data class conventions, VO immutability, nullable rules, naming)
+   - Aggregate patterns (boundary definition, Aggregate Root identification, repository-per-aggregate)
+   - Error handling patterns (exception hierarchy, @ControllerAdvice)
+   - Kotlin idiom usage (extension functions, scope functions, null safety)
+
+2. Majority Patterns (shared by 50%+ of domains)
+   - Specify which domains share them
+
+3. Domain-Specific Patterns (unique to a single domain)
+   - File upload: which domain
+   - Excel: which domain
+   - Bulk processing: which domain
+   - State transitions: which domain
+   - Scheduling: which domain
+   - External integrations: which domain
+   - Messaging: which domain
+   - Coroutines/async: which domain
+
+4. Anti-pattern Summary
+   - Consolidate all inconsistencies found across domains
+   - Classify by severity (CRITICAL / HIGH / MEDIUM / LOW)
+   - CQRS boundary violations (e.g., query module writing data)
+   - Module boundary violations (e.g., direct DB access from BFF)
+   - Aggregate boundary violations (cross-aggregate direct references, oversized aggregates)
+   - VO misuse (mutable VOs, VOs with identity, DTO used where VO should be)
+
+5. Naming Conventions Summary
+   - Package structure conventions (per module type)
+   - Class/method naming conventions (Kotlin style)
+   - DTO/VO naming conventions (Request/Response/Command/Query, VO naming rules)
+   - URL pattern conventions
+   - DB table/column naming
+   - Module naming conventions (what suffix: -server, -lib, -adapter)
+
+6. Common Classes/Utilities List
+   - Shared library (shared-lib) key classes and utilities
+   - Integration library (integration-lib) contracts and adapters
+   - Base classes (must not be redeclared)
+   - Shared constants/Enum management
+   - Common extension functions
+
+7. BFF Patterns Summary
+   - Feign Client declaration conventions
+   - Response composition patterns (aggregation strategy, Aggregator service usage)
+   - Aggregator vs BFF distinction (internal service aggregation vs client-facing composition)
+   - Error propagation rules (backend → BFF → client)
+   - BFF-specific middleware/filters
+   - Mobile vs Web BFF differences (if applicable)
+
+8. Security/Authentication Patterns
+   - Authentication method (JWT, Session, OAuth2)
+   - Authorization check method (@PreAuthorize, SecurityConfig, IAM server role)
+   - CORS configuration
+   - Per-environment security settings
+   - Inter-module auth (Feign interceptors, internal tokens)
+
+9. Database Patterns
+   - Table naming conventions
+   - Migration strategy (Flyway, Liquibase, manual)
+   - Audit column specification
+   - PK generation strategy
+   - Index/constraint conventions
+   - Read/Write DB separation configuration
+
+10. Testing Strategy Summary
+   - Test coverage level
+   - Test classification system (unit/integration/slice)
+   - Mocking strategy (MockK patterns)
+   - Test naming conventions (backtick style, BDD)
+   - Test data management
+   - Per-module test strategy (command tests vs query tests vs BFF tests)
+
+11. Logging/Monitoring Strategy
+   - Logger standard (kotlin-logging, SLF4J)
+   - Log level policy
+   - Structured logging approach
+   - Request/response logging
+   - Distributed tracing (if applicable)
+
+12. Performance Patterns
+   - Caching strategy (per module)
+   - Query optimization status
+   - Coroutine/async usage status
+   - Connection pool configuration
+   - Feign client timeout/retry configuration
+
+13. Build & Module Patterns
+   - Gradle Kotlin DSL conventions
+   - Dependency management (version catalogs, BOM)
+   - Module dependency rules (who depends on whom)
+   - Shared dependency extraction patterns
+
+14. Code Quality Tools (infer from configuration/build analysis in Pass 1)
+   - Lint/Format tools (ktlint, detekt, Spotless)
+   - Code review rules
+   - CI integration status
+
+Do not generate code. Merge only.
+Save results to claudeos-core/generated/pass2-merged.json.