npm - haac-aikit - Versions diffs - 0.7.2 → 0.8.0 - Mend

haac-aikit 0.7.2 → 0.8.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

package/catalog/agents/tier1/data-migration.md +102 -0
package/catalog/agents/tier1/technical-writer.md +56 -0
package/catalog/commands/html.md +26 -0
package/catalog/docs/html-design-system.html +178 -0
package/catalog/skills/tier1/api-design.md +64 -0
package/catalog/skills/tier1/html-artifacts.md +80 -0
package/catalog/skills/tier1/incident-response.md +78 -0
package/catalog/skills/tier1/performance-profiling.md +98 -0
package/dist/cli.mjs +2 -0
package/dist/cli.mjs.map +1 -1
package/package.json +1 -1

package/catalog/agents/tier1/data-migration.md ADDED Viewed

@@ -0,0 +1,102 @@
+---
+name: data-migration
+description: Writes safe database migrations with rollback paths and production runbooks. Auto-detects DB tech from the repo. Enforces zero-downtime compatibility and tested rollback before committing. Explicit-only — invoke with "write a migration for X", "migrate this schema", or "add column Y safely".
+model: claude-opus-4-7
+tools:
+  - Read
+  - Grep
+  - Glob
+  - Bash
+  - Write
+---
+# Data Migration
+You write safe database migrations. You do not ship a migration without a tested rollback path, a zero-downtime compatibility check, and a production runbook. If any safety check fails, you stop and surface the blocker.
+## Inputs you need
+- What schema change is needed and why
+- Any known constraints (table size, zero-downtime required, deadline)
+## Protocol
+### Phase 1 — Detect
+Understand the existing environment before writing anything.
+```
+□ Identify DB tech from package.json, config files, and existing migration files
+□ Read 2-3 existing migrations — understand naming conventions, structure, framework patterns
+□ Read current schema state — what exists before this migration runs
+```
+### Phase 2 — Design
+Write additive changes first. Flag every destructive operation explicitly.
+```
+□ UP migration — new nullable columns before constraints, new tables before foreign keys
+□ DOWN migration — must cleanly reverse UP; not commented out, not a stub
+□ Flag explicitly: any DROP, column rename, type change, or index on large table
+□ Confirm UP is backwards-compatible with the current app version running during deploy
+```
+### Phase 3 — Verify
+Three safety checks. All three must pass. If any fails, stop and surface the blocker.
+```
+□ Zero-downtime: does this migration acquire a full table lock?
+□ Backwards compat: will the running app break if migration runs mid-deploy?
+□ Rollback: does DOWN cleanly reverse UP with no data loss?
+```
+### Phase 4 — Document
+Write and commit the runbook before closing.
+```
+□ Save to docs/migrations/YYYY-MM-DD-<topic>.md
+□ Use the template below
+□ Commit migration file and runbook together
+```
+## Runbook template
+```markdown
+# Migration: <topic>
+## Pre-checks
+[What to verify before running: disk space, replica lag, active connections, backup taken]
+## Apply
+[Exact command to run the migration]
+## Verify
+[Queries or checks to confirm migration succeeded]
+## Rollback Procedure
+[Exact command to run DOWN migration + verification that rollback worked]
+## Notes
+[Table size, estimated duration, any manual steps required]
+```
+## Handoff format
+```
+[data-migration] → [user | orchestrator]
+Migration: <file path>
+Runbook: docs/migrations/YYYY-MM-DD-<topic>.md
+Safety: zero-downtime ✓ | rollback ✓ | backwards-compat ✓
+Status: DONE | BLOCKED
+```
+## Rules
+- Never ship a migration without a tested DOWN path.
+- Never proceed past Phase 3 if any safety check fails — emit `BLOCKED` and name the specific check that failed.
+- Never silently DROP or rename — flag every destructive operation explicitly.
+- Additive first — nullable columns before NOT NULL constraints, new tables before foreign keys.
+- Opus is justified here: data loss and downtime are unrecoverable.

package/catalog/agents/tier1/technical-writer.md ADDED Viewed

@@ -0,0 +1,56 @@
+---
+name: technical-writer
+description: Produces README updates, API docs, and usage guides from existing source code. Explicit-only — invoke with "document this", "update the README", or "write a guide for X". Never auto-triggers.
+model: claude-sonnet-4-6
+tools:
+  - Read
+  - Grep
+  - Glob
+  - Write
+---
+# Technical Writer
+You produce documentation from existing source code. You do not write code, plans, or reviews. Your output is always a markdown file saved to the repo.
+## Inputs you need
+- What to document (a file, module, feature, or the whole project)
+- Mode (inferred from invocation phrase, or ask if ambiguous)
+## Modes
+| Mode | Trigger phrase | Output |
+|------|---------------|--------|
+| `README` | "update the README", "document this project" | `README.md` |
+| `API docs` | "document this API", "document these functions" | `docs/api/<topic>.md` |
+| `guides` | "write a guide for X", "document how to use Y" | `docs/guides/<topic>.md` |
+## Protocol
+1. **Identify mode** — infer from the invocation phrase. If ambiguous, ask one clarifying question before proceeding.
+2. **Read the target** — read only the specific files, module, or feature being documented. Do not read the entire codebase.
+3. **Check existing docs** — search for any existing doc file covering this topic. Read it before writing. Never overwrite without diffing against existing content.
+4. **Write** — produce the doc file at the correct path. Create directories if needed.
+5. **Emit handoff**.
+## Handoff format
+```
+[technical-writer] → [user | orchestrator]
+Mode: README | API docs | guides
+Written: <file path>
+Summary: <one-line description of what was documented>
+Status: DONE | NEEDS_CLARIFICATION
+```
+## Rules
+- Never document what you have not read — no hallucinated function signatures, params, or return values.
+- Never overwrite existing content without reading it first.
+- Output is separate markdown files only — do not write inline docstrings or code comments.
+- If the target is ambiguous (multiple modules match), emit `NEEDS_CLARIFICATION` and name the ambiguity.

package/catalog/commands/html.md ADDED Viewed

@@ -0,0 +1,26 @@
+Generate an HTML artifact for the current context using the html-artifacts skill.
+## Usage
+`/html [optional intent]`
+## Steps
+1. **Determine intent**
+   - If called with args (e.g. `/html code review of today's PR`): use the args as the intent.
+   - If called with no args: infer intent from the current conversation — what task is in progress, what was just discussed, what files are open.
+2. **Pick the use-case pattern**
+   Using the `html-artifacts` skill, identify which of the five patterns fits:
+   Spec/Planning, Code Review, Report/Research, Prototype, or Custom Editor.
+3. **Generate the artifact**
+   - Apply the built-in design system CSS tokens
+   - If `docs/aikit-html-design-system.html` exists in the project, read it first and inherit its CSS variable values
+   - Follow the structure guidance for the chosen pattern
+   - Pure HTML/CSS/JS only — no external CDN dependencies
+4. **Save and report**
+   - Determine a short slug from the intent (e.g. `code-review-auth-pr`, `weekly-report`)
+   - Save to `.aikit/artifacts/<slug>-<timestamp>.html`
+   - Print the full path
+   - Suggest opening: `open <path>` (macOS) / `xdg-open <path>` (Linux)

package/catalog/docs/html-design-system.html ADDED Viewed

@@ -0,0 +1,178 @@
+<!-- Customize the CSS variables above. The model reads this file when generating HTML artifacts. -->
+<!DOCTYPE html>
+<html lang="en">
+<head>
+<meta charset="UTF-8">
+<meta name="viewport" content="width=device-width, initial-scale=1.0">
+<title>haac-aikit HTML Design System</title>
+<style>
+/* ─── Design tokens ────────────────────────────────────────────────────────
+   Edit these variables to retheme all HTML artifacts generated by the model.
+   ──────────────────────────────────────────────────────────────────────── */
+:root {
+  --color-bg:      #0f1117;
+  --color-surface: #1a1d27;
+  --color-border:  #2e3143;
+  --color-text:    #e2e8f0;
+  --color-muted:   #8892a4;
+  --color-accent:  #6366f1;
+  --color-ok:      #22c55e;
+  --color-warn:    #f59e0b;
+  --color-error:   #ef4444;
+  --radius:        6px;
+  --font-sans:     system-ui, -apple-system, sans-serif;
+  --font-mono:     "JetBrains Mono", "Fira Code", monospace;
+  --space:         4px;
+}
+/* ─── Reset & base ─────────────────────────────────────────────────────── */
+*, *::before, *::after { box-sizing: border-box; margin: 0; padding: 0; }
+body {
+  background: var(--color-bg);
+  color: var(--color-text);
+  font-family: var(--font-sans);
+  font-size: 14px;
+  line-height: 1.6;
+  padding: calc(var(--space) * 8);
+  max-width: 900px;
+  margin: 0 auto;
+}
+h1, h2, h3 { font-weight: 600; margin-bottom: calc(var(--space) * 3); }
+h1 { font-size: 1.5rem; margin-bottom: calc(var(--space) * 6); }
+h2 { font-size: 1.1rem; color: var(--color-muted); text-transform: uppercase; letter-spacing: 0.05em; margin-top: calc(var(--space) * 10); }
+p { color: var(--color-muted); margin-bottom: calc(var(--space) * 4); }
+section { margin-bottom: calc(var(--space) * 12); }
+/* ─── Card ──────────────────────────────────────────────────────────────── */
+.card {
+  background: var(--color-surface);
+  border: 1px solid var(--color-border);
+  border-radius: var(--radius);
+  padding: calc(var(--space) * 5);
+  margin-bottom: calc(var(--space) * 4);
+}
+/* ─── Badge ─────────────────────────────────────────────────────────────── */
+.badge {
+  display: inline-block;
+  font-size: 11px;
+  font-weight: 600;
+  padding: 2px 8px;
+  border-radius: 999px;
+  text-transform: uppercase;
+  letter-spacing: 0.04em;
+}
+.badge-ok    { background: color-mix(in srgb, var(--color-ok) 15%, transparent);    color: var(--color-ok); }
+.badge-warn  { background: color-mix(in srgb, var(--color-warn) 15%, transparent);  color: var(--color-warn); }
+.badge-error { background: color-mix(in srgb, var(--color-error) 15%, transparent); color: var(--color-error); }
+.badge-info  { background: color-mix(in srgb, var(--color-accent) 15%, transparent); color: var(--color-accent); }
+/* ─── Tabs ──────────────────────────────────────────────────────────────── */
+.tabs { border-bottom: 1px solid var(--color-border); display: flex; gap: calc(var(--space) * 1); margin-bottom: calc(var(--space) * 4); }
+.tab {
+  padding: calc(var(--space) * 2) calc(var(--space) * 4);
+  cursor: pointer;
+  border-bottom: 2px solid transparent;
+  color: var(--color-muted);
+  font-size: 13px;
+  font-weight: 500;
+  background: none;
+  border-top: none;
+  border-left: none;
+  border-right: none;
+}
+.tab:hover { color: var(--color-text); }
+.tab.active { border-bottom-color: var(--color-accent); color: var(--color-text); }
+.tab-panel { display: none; }
+.tab-panel.active { display: block; }
+/* ─── Code block ────────────────────────────────────────────────────────── */
+.code-block {
+  background: var(--color-surface);
+  border: 1px solid var(--color-border);
+  border-radius: var(--radius);
+  padding: calc(var(--space) * 4);
+  font-family: var(--font-mono);
+  font-size: 12px;
+  overflow-x: auto;
+  white-space: pre;
+  color: var(--color-text);
+  margin-bottom: calc(var(--space) * 4);
+}
+/* ─── Diff ──────────────────────────────────────────────────────────────── */
+.diff-block { font-family: var(--font-mono); font-size: 12px; border: 1px solid var(--color-border); border-radius: var(--radius); overflow: hidden; margin-bottom: calc(var(--space) * 4); }
+.diff-line { display: flex; padding: 2px calc(var(--space) * 3); }
+.diff-line-add { background: color-mix(in srgb, var(--color-ok) 10%, transparent); }
+.diff-line-del { background: color-mix(in srgb, var(--color-error) 10%, transparent); }
+.diff-line-ctx { color: var(--color-muted); }
+.diff-gutter { user-select: none; color: var(--color-muted); min-width: 32px; text-align: right; margin-right: calc(var(--space) * 3); }
+.diff-sign { min-width: 12px; color: var(--color-muted); }
+.diff-line-add .diff-sign { color: var(--color-ok); }
+.diff-line-del .diff-sign { color: var(--color-error); }
+</style>
+</head>
+<body>
+<h1>haac-aikit HTML Design System</h1>
+<p>Reference file for HTML artifacts generated by the model. Edit the CSS custom properties at the top of this file to retheme all output.</p>
+<section>
+  <h2>Card</h2>
+  <div class="card">
+    <strong>Card title</strong>
+    <p>Use cards to group related content. Nest inside grid or flex containers for multi-column layouts.</p>
+  </div>
+</section>
+<section>
+  <h2>Badges</h2>
+  <span class="badge badge-ok">ok</span>
+  <span class="badge badge-warn">warn</span>
+  <span class="badge badge-error">error</span>
+  <span class="badge badge-info">info</span>
+</section>
+<section>
+  <h2>Tabs</h2>
+  <div class="tabs" id="demo-tabs">
+    <button class="tab active" data-panel="p1">Option A</button>
+    <button class="tab" data-panel="p2">Option B</button>
+    <button class="tab" data-panel="p3">Option C</button>
+  </div>
+  <div id="p1" class="tab-panel active"><div class="card">Content for Option A.</div></div>
+  <div id="p2" class="tab-panel"><div class="card">Content for Option B.</div></div>
+  <div id="p3" class="tab-panel"><div class="card">Content for Option C.</div></div>
+  <script>
+    document.querySelectorAll('.tabs').forEach(tabGroup => {
+      tabGroup.addEventListener('click', e => {
+        const btn = e.target.closest('.tab');
+        if (!btn) return;
+        tabGroup.querySelectorAll('.tab').forEach(t => t.classList.remove('active'));
+        btn.classList.add('active');
+        const panelId = btn.dataset.panel;
+        document.querySelectorAll('.tab-panel').forEach(p => p.classList.remove('active'));
+        document.getElementById(panelId).classList.add('active');
+      });
+    });
+  </script>
+</section>
+<section>
+  <h2>Code block</h2>
+  <div class="code-block">const greeting = "hello, world";
+console.log(greeting);</div>
+</section>
+<section>
+  <h2>Diff</h2>
+  <div class="diff-block">
+    <div class="diff-line diff-line-ctx"><span class="diff-gutter">1</span><span class="diff-sign"> </span><span>import { foo } from './foo';</span></div>
+    <div class="diff-line diff-line-del"><span class="diff-gutter">2</span><span class="diff-sign">-</span><span>const x = foo();</span></div>
+    <div class="diff-line diff-line-add"><span class="diff-gutter">3</span><span class="diff-sign">+</span><span>const x = await foo();</span></div>
+    <div class="diff-line diff-line-ctx"><span class="diff-gutter">4</span><span class="diff-sign"> </span><span>export { x };</span></div>
+  </div>
+</section>
+</body>
+</html>

package/catalog/skills/tier1/api-design.md ADDED Viewed

@@ -0,0 +1,64 @@
+---
+name: api-design
+description: Use when designing a new REST, GraphQL, or event/webhook API. Two-phase protocol — documents key design decisions first, generates the formal spec second. Explicit-only; invoke with "design this API", "API design for X", or "define the contract for Y".
+version: "1.0.0"
+source: haac-aikit
+license: MIT
+---
+## When to use
+Explicit invocation only: "design this API", "API design for X", "define the contract for Y"
+Works standalone or after the `software-architect` skill has defined the broader system shape.
+## Phase 1 — Decisions Doc
+Document key design decisions before writing any spec. Save to `docs/api/<topic>-design.md`.
+### REST
+```
+□ Resource naming — nouns, plural, nested vs. flat hierarchy
+□ Verb mapping — which operations map to which HTTP methods
+□ Error shape — consistent envelope (code, message, details)
+□ Versioning strategy — URL path (/v1/) vs. header vs. none
+□ Pagination — cursor vs. offset, response envelope shape
+```
+### GraphQL
+```
+□ Schema-first vs. code-first
+□ Query depth limits and complexity rules
+□ Mutation naming — verbObject (createUser) vs. objectVerb (userCreate)
+□ Error handling — errors array vs. union types
+□ Subscription scope — what warrants real-time vs. polling
+```
+### Events / Webhooks
+```
+□ Event naming — past tense (user.created, order.shipped)
+□ Envelope shape — id, type, timestamp, data, version
+□ Delivery guarantees — at-least-once vs. exactly-once
+□ Retry and idempotency strategy
+□ Versioning — how breaking changes are signaled to consumers
+```
+## Phase 2 — Formal Spec
+Generate the formal spec from the committed decisions doc.
+| Style | Output file |
+|-------|------------|
+| REST | `docs/api/<topic>.openapi.yaml` |
+| GraphQL | `docs/api/<topic>.graphql` |
+| Events | `docs/api/<topic>.asyncapi.yaml` |
+Commit the spec file after the decisions doc is committed.
+## Anti-patterns to avoid
+- Writing the spec before the decisions doc — spec-driven design works backwards from format, not intent
+- Mixing API styles in one surface without documenting why
+- No versioning strategy — every API will need one eventually; decide now
+- Inconsistent error shapes across endpoints — consumers have to handle every variation
+- Skipping pagination design for list endpoints — retrofitting pagination is always a breaking change

package/catalog/skills/tier1/html-artifacts.md ADDED Viewed

@@ -0,0 +1,80 @@
+---
+name: html-artifacts
+description: Use when generating output that would benefit from rich formatting — specs, plans, reports, code review explainers, design prototypes, or custom editors. Teaches when to proactively offer HTML instead of markdown and how to structure each artifact type.
+version: "1.0.0"
+source: haac-aikit
+license: MIT
+---
+## When to use
+- Output is > ~80 lines of content
+- Task involves comparison, multiple options, or visual layout
+- User asks for a spec, plan, report, PR explainer, or prototype
+- User mentions "share", "send to team", or "easy to read"
+## Proactive offer rule
+When conditions above are met but the user didn't explicitly ask for HTML, say one sentence before proceeding:
+> "I can generate this as an HTML artifact for easier reading — want that?"
+Wait for a yes/no. If yes, proceed with HTML. If no, use markdown.
+## Five use-case patterns
+### 1. Spec / Planning
+**Trigger:** Long spec, multiple options to compare
+**Structure:** Tabs per option, decision log section, embedded mockup slots
+**Don't:** Skip the decision rationale — that's the whole point of the doc
+### 2. Code Review
+**Trigger:** PR explainer, diff walkthrough, architecture audit
+**Structure:** Rendered diff with color, severity badges (ok/warn/error), inline margin annotations
+**Don't:** Show a raw unified diff without color — unreadable
+### 3. Report / Research
+**Trigger:** Status report, incident summary, research synthesis
+**Structure:** Executive summary at top, SVG diagrams, section anchors for navigation
+**Don't:** Bury the conclusion — lead with it
+### 4. Prototype
+**Trigger:** Animation tuning, layout exploration, parameter tweaking
+**Structure:** Sliders/knobs for live adjustment, preview pane, "copy params" export button
+**Don't:** Ship without an export mechanism — the params need to go somewhere
+### 5. Custom Editor
+**Trigger:** Ticket triage, config editing, dataset curation
+**Structure:** Drag/sort or form UI, constraint warnings, "copy as JSON/prompt" export button
+**Don't:** Let the editor be the only output — always export
+## Built-in design system
+Inject this CSS block into every artifact. If the project has `docs/aikit-html-design-system.html`, read it first and use those variable values instead.
+```css
+:root {
+  --color-bg:      #0f1117;
+  --color-surface: #1a1d27;
+  --color-border:  #2e3143;
+  --color-text:    #e2e8f0;
+  --color-muted:   #8892a4;
+  --color-accent:  #6366f1;
+  --color-ok:      #22c55e;
+  --color-warn:    #f59e0b;
+  --color-error:   #ef4444;
+  --radius:        6px;
+  --font-sans:     system-ui, -apple-system, sans-serif;
+  --font-mono:     "JetBrains Mono", "Fira Code", monospace;
+  --space:         4px;
+}
+```
+Pre-built components available: `.card`, `.badge` (`.badge-ok/warn/error/info`), `.tabs` + `.tab` + `.tab-panel`, `.code-block`, `.diff-block` + `.diff-line` + `.diff-line-add/del/ctx`.
+## Output rules
+- Save to `.aikit/artifacts/<slug>-<timestamp>.html` (this path is gitignored)
+- After saving, print the path and suggest: `open <path>` (macOS) or `xdg-open <path>` (Linux)
+- Pure HTML/CSS/JS only — no external CDN dependencies, no build step
+- Mobile-responsive: use `max-width` + `padding` on body, `<meta name="viewport">`
+## Markdown-first rule
+Existing brainstorming and planning skills stay markdown-first. Only switch to HTML when the user accepts the proactive offer or explicitly requests it (e.g. via `/html`). This preserves cross-tool compatibility.

package/catalog/skills/tier1/incident-response.md ADDED Viewed

@@ -0,0 +1,78 @@
+---
+name: incident-response
+description: Use when production is broken and service needs to be restored urgently. Three-phase checklist protocol — stabilize first, investigate second, post-mortem third. Explicit-only; do not use for non-production debugging.
+version: "1.0.0"
+source: haac-aikit
+license: MIT
+---
+## When to use
+Explicit invocation only: "run incident response", "production is down", "start incident protocol"
+Do not use for non-urgent debugging — use `systematic-debugging` instead.
+## Phase 1 — Stabilize
+Restore service before anything else. Do not investigate until service is confirmed restored.
+```
+□ Identify blast radius — what is broken, how many users are affected
+□ Check recent deploys, config changes, or infra events in the last 2 hours
+□ Attempt fastest known mitigation: rollback, feature flag off, process restart
+□ Confirm service is restored before moving to Phase 2
+□ Note what action restored service — this becomes the root cause lead
+```
+## Phase 2 — Investigate
+Root cause only — not symptoms.
+```
+□ Read the code path that failed — trace from entry point to failure
+□ Identify the specific line or condition that caused the failure
+□ Reproduce the failure locally or in staging if possible
+□ Confirm the fix addresses root cause, not just the symptom
+□ Write and run tests that would have caught this before production
+```
+## Phase 3 — Post-mortem
+Document before closing. No incident is closed without a committed post-mortem.
+```
+□ Write post-mortem to docs/incidents/YYYY-MM-DD-<topic>.md
+□ Use the template below
+□ Commit the post-mortem and the fix together in the same commit
+```
+### Post-mortem template
+```markdown
+# Incident: <topic>
+## Timeline
+[Chronological: when detected, when mitigated, when resolved]
+## Root Cause
+[The specific code/config/infra condition that caused the failure]
+## Impact
+[What broke, for how long, estimated users affected]
+## Fix Applied
+[What was changed and why it resolves the root cause]
+## Tests Added
+[Test names and what regression they prevent]
+## Prevention
+[What would have caught this before production: monitoring, test, review]
+```
+## Anti-patterns to avoid
+- Jumping to Phase 2 before service is restored
+- Writing a post-mortem that attributes cause to "human error" without a systemic fix
+- Closing the incident without a committed test covering the regression
+- Using `systematic-debugging` protocol during an active incident — that protocol is too slow

package/catalog/skills/tier1/performance-profiling.md ADDED Viewed

@@ -0,0 +1,98 @@
+---
+name: performance-profiling
+description: Use when something is slow, memory is high, latency spikes, or bundle/build size grows unexpectedly. Five-phase measure-first protocol covering runtime and build/bundle performance. Auto-triggers on performance signals; also explicitly invokable.
+version: "1.0.0"
+source: haac-aikit
+license: MIT
+---
+## When to use
+Auto-trigger on: "slow", "timeout", "latency spike", "high memory", "bundle too large", "CI is slow", "build taking forever"
+Explicit: "profile this", "why is this slow", "performance issue with X"
+## Phase 1 — Measure
+Record baseline before touching anything. If you cannot reproduce the slow path, stop and surface the blocker — do not proceed to Phase 2.
+```
+□ Runtime:      response time, memory usage, query count, CPU %
+□ Build/bundle: build duration, bundle size, chunk sizes
+```
+## Phase 2 — Identify
+Pinpoint the specific cause. Do not guess — name the exact line, function, query, or step responsible.
+**Runtime:**
+```
+□ Trace the slow code path from entry point to bottleneck
+□ Check for N+1 queries, missing indexes, unbounded loops
+□ Check for unnecessary re-renders, redundant computations, memory leaks
+□ Name the single line or function responsible
+```
+**Build/bundle:**
+```
+□ Identify largest bundle chunks and their source
+□ Check for duplicate dependencies, unoptimized imports, missing tree-shaking
+□ Check CI step durations — identify the single slowest step
+□ Name the specific package, import, or step responsible
+```
+## Phase 3 — Fix
+One focused change per commit. Do not combine multiple fixes.
+```
+□ Make one targeted change
+□ Explain why this change addresses the root cause from Phase 2
+```
+## Phase 4 — Verify
+Re-run the exact same measurements from Phase 1. Confirm improvement is real and no regressions introduced.
+```
+□ Measure again using the same method as Phase 1
+□ Confirm measurable improvement (not just "feels faster")
+□ Confirm no regressions in adjacent functionality
+```
+## Phase 5 — Report
+Write and commit a brief performance report.
+```
+□ Save to docs/performance/YYYY-MM-DD-<topic>.md
+□ Template: Symptom | Baseline | Root Cause | Fix | Result
+```
+### Report template
+```markdown
+# Performance: <topic>
+## Symptom
+[What was slow/large and how it was reported]
+## Baseline
+[Measurements taken before any changes]
+## Root Cause
+[The specific line, query, import, or step responsible]
+## Fix Applied
+[What was changed and why it addresses the root cause]
+## Result
+[Measurements after the fix — improvement percentage]
+```
+## Anti-patterns to avoid
+- Fixing before measuring — you cannot confirm improvement without a baseline
+- Combining multiple fixes in one commit — makes it impossible to attribute the improvement
+- Closing without verifying — "should be faster" is not a result
+- Guessing the bottleneck without tracing — profiling means finding, not assuming