moicle 2.3.0 → 3.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (32) hide show
  1. package/README.md +36 -47
  2. package/assets/commands/marketing.md +6 -6
  3. package/assets/skills/docs/sync/SKILL.md +195 -157
  4. package/assets/skills/feature/build/SKILL.md +891 -0
  5. package/assets/skills/feature/track/SKILL.md +157 -0
  6. package/assets/skills/fix/bug/SKILL.md +449 -0
  7. package/assets/skills/fix/incident/SKILL.md +6 -6
  8. package/assets/skills/marketing/brand/SKILL.md +304 -0
  9. package/assets/skills/marketing/content/SKILL.md +199 -141
  10. package/assets/skills/research/explore/SKILL.md +392 -0
  11. package/assets/skills/review/code/SKILL.md +622 -0
  12. package/dist/commands/install/usage.js +2 -2
  13. package/dist/commands/install/usage.js.map +1 -1
  14. package/package.json +1 -1
  15. package/assets/skills/docs/write/SKILL.md +0 -274
  16. package/assets/skills/feature/api/SKILL.md +0 -277
  17. package/assets/skills/feature/deprecate/SKILL.md +0 -276
  18. package/assets/skills/feature/new/SKILL.md +0 -273
  19. package/assets/skills/feature/refactor/SKILL.md +0 -269
  20. package/assets/skills/fix/hotfix/SKILL.md +0 -233
  21. package/assets/skills/fix/pr-comment/SKILL.md +0 -186
  22. package/assets/skills/fix/root-cause/SKILL.md +0 -276
  23. package/assets/skills/marketing/logo/SKILL.md +0 -252
  24. package/assets/skills/marketing/seo-blog/SKILL.md +0 -367
  25. package/assets/skills/marketing/video/SKILL.md +0 -258
  26. package/assets/skills/research/onboarding/SKILL.md +0 -225
  27. package/assets/skills/research/spike/SKILL.md +0 -228
  28. package/assets/skills/research/web/SKILL.md +0 -204
  29. package/assets/skills/review/architect/SKILL.md +0 -274
  30. package/assets/skills/review/branch/SKILL.md +0 -277
  31. package/assets/skills/review/pr/SKILL.md +0 -231
  32. package/assets/skills/review/tdd/SKILL.md +0 -245
@@ -1,274 +0,0 @@
1
- ---
2
- name: review-architect
3
- description: DDD architecture compliance review with automated checks and review loop. Use when user says "architect-review", "architecture review", "review architecture", "check architecture", "review ddd", "ddd review".
4
- args: "[ARCHITECTURE_NAME] [DOMAIN]"
5
- ---
6
-
7
- # DDD Architecture Review
8
-
9
- Audit a codebase (or a single domain) against DDD rules with automated checks, manual review, and a fix loop until score ≥ B.
10
-
11
- ## When to use this skill
12
-
13
- - ✅ Verify DDD compliance after `/feature-new` or `/feature-refactor`
14
- - ✅ Periodic audit of an existing codebase
15
- - ✅ Quality gate before merging architectural changes
16
- - ❌ Full PR review (arch + code + security + tests) → use `/review-pr`
17
- - ❌ Self-review own branch before push → use `/review-branch`
18
- - ❌ Security-only audit → use `@security-audit` agent
19
-
20
- ## Usage
21
-
22
- ```
23
- /review-architect <architecture> [domain]
24
- /review-architect # auto-detect stack
25
- ```
26
-
27
- Examples: `/review-architect go-backend wallet`, `/review-architect react-frontend`.
28
-
29
- ## Supported architectures
30
-
31
- Aliases: `ddd → ddd-architecture`, `go → go-backend`, `react → react-frontend`, `flutter → flutter-mobile`, `laravel → laravel-backend`, `remix → remix-fullstack`, `nestjs → nodejs-nestjs`, `mono → monorepo`.
32
-
33
- Files live at `.claude/architecture/{name}.md` (project) → `~/.claude/architecture/{name}.md` (global).
34
-
35
- ---
36
-
37
- ## Workflow
38
-
39
- ```
40
- RESOLVE → LOAD RULES → AUTOMATED CHECKS → MANUAL REVIEW → REPORT → FIX LOOP
41
- ```
42
-
43
- ---
44
-
45
- ## Phase 0: RESOLVE ARCHITECTURE
46
-
47
- ### Argument provided
48
- 1. Normalize via alias table → search project then global
49
- 2. Found → Phase 1. Not found → reject with available list, STOP.
50
-
51
- ### No argument
52
- 1. Detect stack via `~/.claude/architecture/_shared/stack-detection.md`
53
- 2. Detected → confirm with user. Not detected → list options, ask.
54
-
55
- ### Gate
56
- - [ ] Architecture file loaded
57
- - [ ] Domain identified (if scoped)
58
-
59
- ---
60
-
61
- ## Phase 1: LOAD RULES
62
-
63
- Read `ddd-architecture.md` (core) + the stack doc. Extract:
64
- - DDD directory layout
65
- - Layer import rules + forbidden imports
66
- - Hard rules (HR1-HR15)
67
- - Stack-specific check scripts
68
- - Wiring + test patterns
69
-
70
- ### Gate
71
- - [ ] Core + stack rules loaded
72
- - [ ] Check scripts extracted
73
- - [ ] Review checklist prepared
74
-
75
- ---
76
-
77
- ## Phase 2: AUTOMATED CHECKS
78
-
79
- Run the stack-specific check scripts from the architecture doc. They follow this universal pattern (adapt per stack):
80
-
81
- ```bash
82
- echo "R1: Build" ; {build} && echo PASS || echo FAIL
83
- echo "R2: Lint/Vet" ; {lint} && echo PASS || echo FAIL
84
- echo "R3: Domain pure" ; {grep_forbidden in domain/} && echo FAIL || echo PASS
85
- echo "R4: No cross-dom" ; {grep_domain_A in domain_B} && echo FAIL || echo PASS
86
- echo "R5: No cycles" ; {cycle_check} && echo FAIL || echo PASS
87
- echo "R6: Tests exist" ; {find_tests_in_domain} | wc -l
88
- echo "R7: Tests pass" ; {test} && echo PASS || echo FAIL
89
- echo "R8: Wiring reg" ; {check_routes_registered}
90
- echo "R9: Event names" ; {check_event_consistency}
91
- echo "R10: Async ctx" ; {check_no_request_context_in_goroutines}
92
- ```
93
-
94
- Record PASS/FAIL per check. Continue to Phase 3 either way — manual review catches what automated misses.
95
-
96
- ### Gate
97
- - [ ] All 10 automated checks run
98
- - [ ] PASS/FAIL recorded
99
-
100
- ---
101
-
102
- ## Phase 3: MANUAL REVIEW
103
-
104
- Focus on **architecture structure**, not business correctness. 10 areas:
105
-
106
- ### D — Directory Structure
107
- - D1 `domain/{domain}/` exists with proper subdirs
108
- - D2 Has `entities/`, `ports/`, `usecases/` at minimum
109
- - D3 `valueobjects/` separate (not mixed in entities)
110
- - D4 `events/` separate, 1 file per event
111
- - D5 Application layer: `ports/{transport}/`, `services/`, `listeners/`
112
- - D6 Infrastructure implements ports
113
- - D7 No legacy dirs (`modules/`, flat structure)
114
-
115
- ### E — Entities
116
- - E1 Has constructor (`New{Entity}` / `create()`)
117
- - E2 Has behavior methods (NOT anemic)
118
- - E3 Raises domain events on state change
119
- - E4 No framework imports
120
- - E5 Has mappers (if persisted)
121
-
122
- ### VO — Value Objects
123
- - VO1 In `valueobjects/`, not entities
124
- - VO2 Only stdlib imports
125
- - VO3 Immutable with behavior methods
126
- - VO4 Used by entities + ports (not raw strings)
127
-
128
- ### P — Ports
129
- - P1 `ports/` dir exists (no inline interfaces in usecases)
130
- - P2 One file per port
131
- - P3 Each file has interface + related DTOs
132
- - P4 Domain types in signatures (not primitives)
133
- - P5 Platform-agnostic naming (`URLParser` not `ShopeeURLParser`)
134
- - P6 No infrastructure imports
135
-
136
- ### EV — Events
137
- - EV1 One file per event
138
- - EV2 Extends base event type
139
- - EV3 Carries data for listeners
140
- - EV4 Name matches registry
141
-
142
- ### U — UseCases
143
- - U1 Uses port interfaces (not inline)
144
- - U2 Split by concern (≤200 lines/file)
145
- - U3 Business logic lives here (not in handler / store / service)
146
- - U4 No infrastructure imports
147
- - U5 Dispatches events after persistence
148
- - U6 No `deps.go` inline interfaces
149
-
150
- ### SVC — Services
151
- - SVC1 Thin wrapper, delegates to usecases
152
- - SVC2 No infrastructure imports
153
-
154
- ### H — Handlers / Controllers
155
- - H1 Has registration function
156
- - H2 Thin (parse → service → respond)
157
- - H3 No business logic
158
- - H4 DTOs in separate file
159
-
160
- ### L — Listeners
161
- - L1 One per event (`on_{event}` naming)
162
- - L2 Side-effects only
163
- - L3 Registered in event bus
164
- - L4 Background context (not request ctx)
165
-
166
- ### I — Infrastructure
167
- - I1 Implements port interface
168
- - I2 Has mappers (domain ↔ persistence)
169
- - I3 No business logic
170
- - I4 Compile-time interface check (where possible)
171
-
172
- ### Gate
173
- - [ ] All 10 areas reviewed
174
- - [ ] Findings categorized by severity (see `~/.claude/architecture/_shared/severity-levels.md`)
175
-
176
- ---
177
-
178
- ## Phase 4: REPORT
179
-
180
- ```markdown
181
- ## Architecture Review: {architecture} / {domain}
182
-
183
- ### Automated (R1-R10)
184
- | # | Check | Status |
185
- |---|-------|--------|
186
- | R1 | Build | PASS/FAIL |
187
- | ... | ... | ... |
188
-
189
- ### Manual review
190
- | Area | Status | Violations |
191
- |------|--------|------------|
192
- | Directory (D1-D7) | OK / ISSUE | ... |
193
- | Entities (E1-E5) | OK / ISSUE | ... |
194
- | ... | ... | ... |
195
-
196
- ### Violations
197
- 1. [SEVERITY] code:file:line — description
198
- 2. ...
199
-
200
- ### Recommended fixes
201
- 1. ...
202
-
203
- ### Overall Score: {A/B/C/D/F}
204
- ```
205
-
206
- ### Scoring
207
-
208
- | Score | Criteria |
209
- |-------|----------|
210
- | **A** | 0 violations, all R1-R10 PASS |
211
- | **B** | 0 CRITICAL/HIGH, max 3 MEDIUM |
212
- | **C** | 0 CRITICAL, max 2 HIGH |
213
- | **D** | Has CRITICAL or 3+ HIGH |
214
- | **F** | Multiple CRITICAL — architecture broken |
215
-
216
- ### Gate
217
- - [ ] Report generated
218
- - [ ] Score calculated
219
- - [ ] All violations have file:line
220
-
221
- ---
222
-
223
- ## Phase 5: FIX LOOP (if user confirms)
224
-
225
- ```
226
- LOOP:
227
- 1. Fix all violations
228
- 2. Re-run automated checks (Phase 2)
229
- 3. Re-run manual review (Phase 3)
230
- 4. IF violations severity ≥ MEDIUM → GOTO 1
231
- 5. IF only LOW or none → BREAK, final report
232
- ```
233
-
234
- Verify after each iteration: build passes, tests pass, domain purity holds.
235
-
236
- ---
237
-
238
- ## Calling from other skills
239
-
240
- `/feature-new` and `/feature-refactor` call this skill at the end of their workflows. When called from another skill:
241
- - Skip Phase 0 (architecture already known)
242
- - Skip user confirmation for fixes (auto-fix in loop)
243
- - Report final score back to caller
244
-
245
- ---
246
-
247
- ## Hard Rules
248
-
249
- - **All CRITICAL/HIGH must be fixed** before merge
250
- - **MEDIUM allowed with waiver** (explicit decision + comment)
251
- - **Don't grade-inflate** — if it's a HIGH, mark HIGH
252
- - **Don't skip Phase 3** — automated checks miss structural issues
253
- - **File:line for every violation** — author shouldn't have to grep
254
-
255
- ---
256
-
257
- ## Related Skills
258
-
259
- | When | Use |
260
- |------|-----|
261
- | Full PR review (arch + code + security + tests) | `/review-pr` |
262
- | Self-review own branch before push | `/review-branch` |
263
- | Refactor to fix violations | `/feature-refactor` |
264
- | Add tests if missing | `/review-tdd` |
265
- | Called from `/feature-new` / `/feature-refactor` | automatic |
266
-
267
- ## Recommended Agents
268
-
269
- | Phase | Agent | Purpose |
270
- |-------|-------|---------|
271
- | LOAD | `@clean-architect` | Interpret architecture rules |
272
- | AUTOMATED | `@devops` | Build / lint / test scripts |
273
- | MANUAL | `@code-reviewer` | Spot violations |
274
- | FIX | Stack-specific dev agent | Apply fixes |
@@ -1,277 +0,0 @@
1
- ---
2
- name: review-branch
3
- description: Review local branch changes for architecture compliance, conventions, and code quality before pushing/PR. Stack-aware — detects the project stack and applies the matching rules. Use when user says "review changes", "review branch", "check branch", "check changes", "review my code", "review before pr".
4
- args: "[BASE_BRANCH]"
5
- ---
6
-
7
- # Review Local Branch Changes
8
-
9
- Self-review your branch vs a base branch before pushing or opening a PR. Checks architecture compliance, stack conventions, and code quality — on **changed files only**, not the whole codebase.
10
-
11
- **ARGUMENTS:** (optional) base branch. Default: `main` (fallback to `master`).
12
-
13
- ## When to use this skill
14
-
15
- - ✅ Before pushing your branch / opening a PR
16
- - ✅ Before asking a teammate to review (catch easy issues first)
17
- - ✅ Quick sanity check on a feature you've been working on
18
- - ❌ Reviewing someone else's PR → use `/review-pr`
19
- - ❌ Only checking DDD architecture → use `/review-architect`
20
- - ❌ Security-only sweep → use `@security-audit` agent
21
-
22
- ## Read Architecture First
23
-
24
- Detect stack via `~/.claude/architecture/_shared/stack-detection.md`. Load `ddd-architecture.md` + the stack doc — extract forbidden imports + conventions before reviewing.
25
-
26
- Severity definitions: `~/.claude/architecture/_shared/severity-levels.md` (code severity table).
27
-
28
- ---
29
-
30
- ## Workflow
31
-
32
- ```
33
- 0 DETECT → 1 COLLECT → 2 BUILD+LINT → 3 ARCH → 4 CONVENTIONS → 5 QUALITY → 6 TESTS → 7 REPORT → 8 FIX
34
- ```
35
-
36
- ---
37
-
38
- ## Phase 0: DETECT
39
-
40
- - [ ] Stack detected (ask user if ambiguous, e.g., monorepo)
41
- - [ ] Architecture doc loaded
42
- - [ ] Forbidden-imports list extracted
43
-
44
- ---
45
-
46
- ## Phase 1: COLLECT
47
-
48
- ```bash
49
- BASE=${1:-main}
50
- git rev-parse --verify "$BASE" >/dev/null 2>&1 || BASE=master
51
-
52
- git log "$BASE"..HEAD --oneline
53
- git diff "$BASE"...HEAD --stat
54
- git diff "$BASE"...HEAD --name-only --diff-filter=ACMR
55
- ```
56
-
57
- Categorize changed files by layer:
58
-
59
- | Layer | Typical paths |
60
- |-------|---------------|
61
- | Domain | `domain/`, `internal/domain/`, `src/domain/`, `lib/domain/` |
62
- | Application | `application/`, `internal/application/`, `src/application/` |
63
- | Infrastructure | `infrastructure/`, `internal/infrastructure/`, `src/infrastructure/` |
64
- | Presentation / UI | `controllers/`, `pages/`, `components/`, `views/`, `ports/http/` |
65
- | Persistence | `models/`, `entities/` (ORM), `prisma/`, `migrations/` |
66
- | Config / Bootstrap | `config/`, `bootstrap/`, `cmd/`, `main.*` |
67
-
68
- Read **all** changed files before reviewing — never skim.
69
-
70
- ---
71
-
72
- ## Phase 2: BUILD + LINT
73
-
74
- Run the stack's build + typecheck + lint commands. If any fail → mark **CRITICAL** and stop further review until they pass.
75
-
76
- ```bash
77
- # Go: go build ./... && go vet ./...
78
- # NestJS: pnpm typecheck && pnpm lint
79
- # Laravel: composer dump-autoload && ./vendor/bin/phpstan analyse
80
- # Flutter: dart analyze
81
- # React/Remix: pnpm typecheck && pnpm lint
82
- ```
83
-
84
- ---
85
-
86
- ## Phase 3: ARCHITECTURE (changed files only)
87
-
88
- Apply the stack's rules. Common checks per layer:
89
-
90
- ### 3.1 Domain (if changed)
91
- | # | Rule |
92
- |---|------|
93
- | D1 | Domain purity — no forbidden imports (ORM, HTTP, cache, queue, auth SDK) |
94
- | D2 | No cross-domain imports (only shared kernel allowed) |
95
- | D3 | No persistence-model imports in domain |
96
- | D4 | Entities have behavior (not anemic data bags) |
97
- | D5 | Entities raise events on state change (if architecture uses events) |
98
- | D6 | Ports in `ports/` dir (not inline in usecases) |
99
- | D7 | One port per file |
100
- | D8 | Ports return domain types, not primitives |
101
- | D9 | Value objects stdlib-only |
102
- | D10 | Usecases have no infra imports |
103
-
104
- Quick check:
105
- ```bash
106
- CHANGED_DOMAIN=$(git diff "$BASE"...HEAD --name-only --diff-filter=ACMR \
107
- | grep -E '^(src|internal|lib)/domain/')
108
- [ -n "$CHANGED_DOMAIN" ] && echo "$CHANGED_DOMAIN" \
109
- | xargs grep -lEn '<STACK_FORBIDDEN_REGEX>' 2>/dev/null \
110
- && echo FAIL || echo PASS
111
- ```
112
-
113
- ### 3.2 Application (if changed)
114
- | # | Rule |
115
- |---|------|
116
- | A1 | Handler is thin (parse → service → respond, no business logic) |
117
- | A2 | Service justified only when ≥2 usecases orchestrated |
118
- | A3 | Listener is side-effect only (no business logic) |
119
- | A4 | Listener registered in event bus |
120
- | A5 | Event name string matches registry |
121
- | A6 | DTOs validated at boundary |
122
- | A7 | Composition root only — no inline wiring in handlers |
123
-
124
- ### 3.3 Infrastructure (if changed)
125
- | # | Rule |
126
- |---|------|
127
- | I1 | Repository has no business logic |
128
- | I2 | Mappers exist (domain ↔ ORM model) |
129
- | I3 | Implements port interface (returns domain types) |
130
- | I4 | Context / transaction propagation correct |
131
-
132
- ### 3.4 Persistence models (if changed)
133
- | # | Rule |
134
- |---|------|
135
- | M1 | ORM models in infrastructure, NOT domain |
136
- | M2 | Schema change → matching migration |
137
- | M3 | Nullable columns use nullable types |
138
-
139
- ---
140
-
141
- ## Phase 4: CONVENTIONS (cross-stack)
142
-
143
- | # | Rule |
144
- |---|------|
145
- | G1 | No swallowed errors (no empty catch / `if err != nil {}`) |
146
- | G2 | Async work uses background context, NOT request context |
147
- | G3 | API-facing types have serialization tags (`json:`, decorators, etc.) |
148
- | G4 | No hardcoded secrets / tokens / keys |
149
- | G5 | Parameterized queries only — no string-interpolated SQL |
150
- | G6 | Input validation at boundary before reaching domain |
151
-
152
- Plus any stack-specific Hard Rules from the architecture doc.
153
-
154
- ---
155
-
156
- ## Phase 5: QUALITY (manual)
157
-
158
- Read the diff. Look for:
159
-
160
- | # | Area | What to look for |
161
- |---|------|------------------|
162
- | Q1 | Logic correctness | Off-by-one, nil deref, wrong condition, missed edge case |
163
- | Q2 | Error handling | Errors propagated/wrapped, not silently ignored |
164
- | Q3 | Concurrency | Race conditions, shared mutable state, async leaks |
165
- | Q4 | Resource leaks | Unclosed connections, HTTP bodies, file handles |
166
- | Q5 | Naming | Reveals intent (no `data`, `info`, `manager`, `helper`) |
167
- | Q6 | Dead code | Unreachable, unused, commented-out |
168
- | Q7 | Duplication | Real duplication across changed files (not coincidental) |
169
- | Q8 | Breaking change | API contract change, removed field, behavior change |
170
- | Q9 | Over-engineering | Abstraction not justified by the change |
171
- | Q10 | Test coverage | New logic has tests; bug fixes have regression tests |
172
-
173
- ---
174
-
175
- ## Phase 6: TESTS
176
-
177
- ```bash
178
- # Tests for changed domains only
179
- CHANGED_DOMAINS=$(git diff "$BASE"...HEAD --name-only --diff-filter=ACMR \
180
- | grep -E '/(domain|modules|features)/' \
181
- | sed -E 's|.*(domain\|modules\|features)/([^/]+)/.*|\2|' | sort -u)
182
-
183
- for d in $CHANGED_DOMAINS; do
184
- # Go: go test ./internal/domain/$d/... -v
185
- # NestJS: npx jest src/domain/$d
186
- # Laravel: ./vendor/bin/phpunit --filter $d
187
- # Flutter: flutter test test/domain/$d
188
- echo "Test $d"
189
- done
190
-
191
- # Full suite
192
- {full_test_command}
193
- ```
194
-
195
- ---
196
-
197
- ## Phase 7: REPORT
198
-
199
- ```markdown
200
- ## Code Review: {branch} → {base}
201
-
202
- **Stack:** {stack} · **Commits:** {N} · **Files:** {N} (+{add} / -{del})
203
-
204
- ### Build / Lint / Types
205
- | Check | Status |
206
- |-------|--------|
207
- | Build | PASS/FAIL |
208
- | Lint | PASS/FAIL |
209
- | Types | PASS/FAIL |
210
-
211
- ### Architecture / Conventions / Quality
212
- | # | Rule | Status | File:line |
213
- |---|------|--------|-----------|
214
- | D1 | Domain purity | PASS | — |
215
- | G4 | No secrets | FAIL | `config/db.ts:42` hardcoded token |
216
- | Q1 | Logic correctness | OK | — |
217
-
218
- ### Tests
219
- | Check | Status |
220
- |-------|--------|
221
- | Changed area tests | PASS/FAIL |
222
- | Full suite | PASS/FAIL |
223
-
224
- ### Issues (sorted by severity)
225
- | # | Severity | File:line | Issue | Suggested fix |
226
- |---|----------|-----------|-------|---------------|
227
- | 1 | CRITICAL | config/db.ts:42 | hardcoded token | move to env |
228
- | 2 | HIGH | handlers/user.ts:88 | business logic in handler | extract to usecase |
229
-
230
- ### Verdict
231
- {APPROVED / CHANGES REQUESTED}
232
- ```
233
-
234
- ### Verdict rules
235
- - **CRITICAL or HIGH found** → CHANGES REQUESTED
236
- - **MEDIUM only** → CHANGES REQUESTED (should fix)
237
- - **LOW only or nothing** → APPROVED (with suggestions if any)
238
-
239
- ---
240
-
241
- ## Phase 8: FIX (if user confirms)
242
-
243
- 1. Fix in order: CRITICAL → HIGH → MEDIUM → LOW
244
- 2. Re-run build + lint + tests after each batch
245
- 3. Re-run full review when all fixed
246
- 4. Report final status
247
-
248
- ---
249
-
250
- ## Hard Rules
251
-
252
- - **Changed files only** — don't expand scope to drive-by reviews
253
- - **Stop on CRITICAL** — fix build / lint / type errors before everything else
254
- - **File:line for every issue** — no vague "somewhere in handlers"
255
- - **Match severity honestly** — don't grade-inflate
256
- - **Test changed areas** — don't only rely on global test run
257
-
258
- ---
259
-
260
- ## Related Skills
261
-
262
- | When | Use |
263
- |------|-----|
264
- | Reviewing teammate's PR | `/review-pr` |
265
- | Deep DDD audit of a domain | `/review-architect` |
266
- | Fixing review comments on your PR | `/fix-pr-comment` |
267
- | Fixing bugs surfaced here | `/fix-hotfix` |
268
-
269
- ## Recommended Agents
270
-
271
- | Phase | Agent | Purpose |
272
- |-------|-------|---------|
273
- | 3 Architecture | `@clean-architect` | DDD compliance |
274
- | 4 Conventions | `@security-audit` | Vulnerability sweep |
275
- | 5 Quality | `@code-reviewer` | Code smells |
276
- | 6 Tests | `@test-writer` | Coverage check |
277
- | 8 Fix | Stack-specific dev agent | Apply fixes |