super-opencode 1.1.0

package/.opencode/skills/confidence-check/SKILL.md

@@ -0,0 +1,97 @@
+---
+name: confidence-check
+description: Pre-execution risk assessment to prevent hallucinations and architectural drift.
+---
+
+# Confidence Check Skill
+
+## Purpose
+To calculate a probabilistic "Success Score" (0.0 - 1.0) **before** generating code. This acts as a circuit breaker for the `execution` mode.
+
+**ROI Metric**: A 200-token analysis prevents 2,000+ tokens of incorrect code generation and subsequent debugging time.
+
+## When to Use
+- **Automatic Trigger**: Before any `write_file` operation affecting > 50 lines of code.
+- **Manual Trigger**: When requirements are vague (e.g., "Fix the bug").
+- **Agent Handoff**: When `pm-agent` assigns a task to `backend` or `frontend`.
+
+## The 5 Pillars of Confidence
+
+| Pillar | Weight | Verification Action | Related Agent |
+| :--- | :--- | :--- | :--- |
+| **1. Context Awareness** | 25% | Have I read *all* related files? (grep/read_file) | `pm-agent` |
+| **2. Specification** | 25% | Do I have a clear Interface/Schema? (Zod/Types) | `architect` |
+| **3. Ground Truth** | 20% | Do I have *current* docs? (No hallucinations) | `researcher` |
+| **4. Pattern Matching** | 15% | Does this match existing project style? | `review` |
+| **5. Impact Analysis** | 15% | Do I know what this might break? | `quality` |
+
+## Scoring & Protocols
+
+### 🟢 High Confidence (≥ 0.90)
+**Action**: **PROCEED** to `execution` mode.
+*   *Definition:* You have the file paths, the schema is defined, you have verified the library version, and you have a rollback plan.
+
+### 🟡 Medium Confidence (0.70 - 0.89)
+**Action**: **REFINE** before coding.
+*   *Protocol:* Identify the weak pillar and fix it.
+    *   *Weak Docs?* -> Trigger `researcher` to fetch API refs.
+    *   *Weak Specs?* -> Trigger `architect` to define the interface.
+    *   *Weak Context?* -> Run `grep` to find usages.
+
+### 🔴 Low Confidence (< 0.70)
+**Action**: **HALT**.
+*   *Protocol:* Do not write code. Return control to `pm-agent` or ask the user clarifying questions.
+    *   *Example:* "I cannot proceed. I do not know the expected return type of the API, and I cannot find a design pattern for this module."
+
+## Execution Template
+
+*Copy this mental scratchpad into your context window before coding.*
+
+```markdown
+## 🛡️ Pre-Flight Confidence Check
+
+### 1. Context Audit (25%)
+- [ ] Mapped dependency tree? (Yes/No)
+- [ ] Checked for duplicate logic via `grep`? (Yes/No)
+- **Score: __ / 0.25**
+
+### 2. Spec Validation (25%)
+- [ ] Is the Input/Output clearly typed (TypeScript/Zod)?
+- [ ] Does an ADR or RFC exist for this?
+- **Score: __ / 0.25** -> *If 0, consult `architect`*
+
+### 3. Documentation Reality (20%)
+- [ ] Did I look up the library docs *today*?
+- [ ] Am I guessing the API syntax?
+- **Score: __ / 0.20** -> *If 0, consult `researcher`*
+
+### 4. Local Patterns (15%)
+- [ ] Am I using the project's established styling/naming?
+- **Score: __ / 0.15**
+
+### 5. Risk Assessment (15%)
+- [ ] If this fails, does the app crash or just error out?
+- [ ] Do I have a test case ready to verify this?
+- **Score: __ / 0.15** -> *If 0, consult `quality`*
+
+### 🏁 Final Score: [ 0.00 - 1.00 ]
+**Verdict:** [ PROCEED / REFINE / HALT ]
+```
+
+## Scenario Examples
+
+### Scenario A: Adding a new API Endpoint
+*   **Context**: Read `server.ts`? Yes.
+*   **Spec**: No request schema defined. (**0**)
+*   **Docs**: Know Express well. (0.2)
+*   **Pattern**: Copied existing controller style. (0.15)
+*   **Risk**: Low. (0.15)
+*   **Total**: **0.75 (Medium)**
+*   **Action**: *STOP. Call `backend` agent to define Zod schema first. Then Proceed.*
+
+### Scenario B: "Fix the white screen"
+*   **Context**: No error logs provided. (**0**)
+*   **Spec**: Unknown. (**0**)
+*   **Docs**: N/A.
+*   **Total**: **0.15 (Low)**
+*   **Action**: *HALT. Ask user for logs or reproduction steps. Trigger `brainstorming` mode.*

package/.opencode/skills/debug-protocol/SKILL.md

@@ -0,0 +1,83 @@
+---
+name: debug-protocol
+description: Scientific debugging workflow using Root Cause Analysis and Minimal Reproducible Examples (MRE).
+---
+
+# Debug Protocol Skill
+
+## Purpose
+To replace "Shotgun Debugging" (randomly changing code) with a deterministic, scientific process.
+**Goal:** Fix the *root cause*, not just the symptom.
+
+## When to Use
+- **Trigger**: When a test fails, an exception is thrown, or output is unexpected.
+- **Agent**: Primarily used by `execution` mode.
+- **Support**:
+    - Call `quality` to write the reproduction test.
+    - Call `researcher` if the error message is obscure/undocumented.
+
+## The Scientific Method (4-Step Protocol)
+
+### Phase 1: Observation (The MRE)
+**Rule**: *If you cannot reproduce it, you cannot fix it.*
+1.  **Isolate**: Create a standalone script or test case that fails 100% of the time.
+2.  **Minimize**: Remove all code not strictly necessary to produce the error.
+3.  **Log**: Do not guess variables. Log them.
+
+### Phase 2: Localization (The "Wolf Fence")
+**Rule**: *Divide and Conquer.*
+1.  **Binary Search**: Is the data wrong at the Database? No? At the API? No? At the UI?
+2.  **Trace**: Follow the data flow. Find the *exact line* where the reality diverges from expectation.
+
+### Phase 3: Hypothesis (The "5 Whys")
+**Rule**: *Do not fix the symptom.*
+1.  **Identify**: "Variable X is null."
+2.  **Ask Why**: "Why is X null?" -> "Because the API returned 404."
+3.  **Ask Why**: "Why 404?" -> "Because the ID was undefined."
+4.  **Ask Why**: "Why undefined?" -> "Because of a typo in the frontend."
+5.  **Root Cause**: Typo in the frontend payload.
+
+### Phase 4: Resolution & Verification
+**Rule**: *Prove it.*
+1.  **Apply Fix**: Correct the root cause.
+2.  **Verify**: Run the MRE from Phase 1. It must pass.
+3.  **Regression**: Run the full test suite. Ensure nothing else broke.
+
+## Debugging Scratchpad Template
+
+*Copy this into context during a debug session.*
+
+```markdown
+## 🐞 Debug Session: [Error Name]
+
+### 1. The Reproduction (MRE)
+- [ ] Created `reproduce_issue.ts`
+- [ ] Failure is deterministic (Happens every time)
+- **Error Message**: `[Paste exact error]`
+
+### 2. Localization (Wolf Fence)
+- [ ] Inputs are correct? (Yes/No)
+- [ ] Intermediate state correct? (Yes/No)
+- **Found at**: File `X`, Line `Y`.
+
+### 3. Root Cause Analysis (5 Whys)
+1. Why? [Answer]
+2. Why? [Answer]
+3. **Root Cause**: [The fundamental flaw]
+
+### 4. Resolution
+- **Action**: [What did you change?]
+- **Verification**: `npm test -- reproduce_issue.ts` -> ✅ PASS
+```
+
+## Anti-Patterns (Must Avoid)
+
+- ❌ **"It should work":** Code does not care what it "should" do. It does what it is told. Look at what it is doing.
+- ❌ **Console Log Spray:** Don't leave `console.log('here')` all over the code. Use structured logging or remove them after finding the bug.
+- ❌ **The "Blind Fix":** Applying a StackOverflow solution without understanding *why* it applies to your specific context. (Call `researcher` first).
+- ❌ **Ignoring Warning Logs:** Often the error is preceded by a warning 10 lines up. Read the *whole* log.
+
+## Integration with Agents
+
+-   **`quality` agent**: If you are stuck on **Phase 1 (Reproduction)**, delegate to `quality`. *"I see the error, but I can't write a test for it. Quality Agent, please create a Cypress test for this UI bug."*
+-   **`researcher` agent**: If you are stuck on **Phase 3 (Hypothesis)**. *"I have the error 'Heap Out of Memory'. Researcher, what are the common causes for this in Node.js 18?"*

package/.opencode/skills/reflexion/SKILL.md

@@ -0,0 +1,108 @@
+---
+name: reflexion
+description: Post-action analysis to generate heuristics, update project memory, and prevent regression loops.
+---
+
+# Reflexion Skill
+
+## Purpose
+To transform **Failures** into **Heuristics**.
+Reflexion is the cognitive step that occurs **after** a failed attempt and **before** the next attempt. It breaks the "Insanity Loop" (doing the same thing twice expecting different results).
+
+**ROI Metric**: Prevents 5-10 wasted attempts in a loop by forcing a strategy shift after the first failure.
+
+## When to Use
+- **Automatic Trigger**: After a tool error (e.g., `bash` exit code != 0).
+- **Automatic Trigger**: After a test failure during `execution` mode.
+- **Manual Trigger**: When the user rejects an artifact ("This isn't what I asked for").
+- **Periodic**: At the end of a major feature (Project Retro).
+
+## The Reflexion Protocol (The Loop)
+
+### 1. The Halt (Stop)
+**Rule**: *Never retry immediately.*
+If an error occurs, you must pause. Do not simply re-run the command hoping for a different outcome.
+
+### 2. The Trace (Diagnosis)
+**Action**: Analyze the mismatch between *Expected Output* and *Actual Output*.
+*   *Was it a Syntax Error?* (Context failure).
+*   *Was it a Logic Error?* (Reasoning failure).
+*   *Was it a Hallucination?* (Knowledge failure).
+
+### 3. The Heuristic (Correction)
+**Action**: Create a new rule for yourself.
+*   *Old Thought:* "I will use `rm -rf` to clean up."
+*   *New Heuristic:* "I must check if the directory exists before attempting delete."
+
+### 4. The Store (Memory)
+**Action**: Save this lesson.
+*   *Short-term:* Apply to current context window.
+*   *Long-term:* Write to `.opencode/memory/patterns.md`.
+
+## Execution Template
+
+*Use this scratchpad when entering a Reflexion State.*
+
+```markdown
+## 🧠 Reflexion: [Failure Context]
+
+### 1. Analysis
+- **Expectation**: Test passed.
+- **Reality**: `ReferenceError: User is not defined`
+- **Gap**: I assumed `User` was exported from `types.ts`, but it was a default export.
+
+### 2. Critique
+"I failed to check the import style of the existing module before writing the import statement."
+
+### 3. New Strategy (The Pivot)
+- ❌ **Stop**: Guessing import paths.
+- ✅ **Start**: Using `grep` to see how other files import `User`.
+- **Action**: Run `grep -r "import.*User" .` before fixing.
+
+### 4. Memory Update
+- [ ] Add to Local Context? (Yes)
+- [ ] Add to Project Patterns? (No - simple syntax error)
+```
+
+## Memory Schema & Storage
+
+Maintain a dedicated memory structure to allow the `researcher` and `pm-agent` to learn over time.
+
+```text
+.opencode/
+└── memory/
+    ├── active_context.md       # Scratchpad for current session
+    ├── patterns.md             # Success patterns (What works here)
+    └── anti_patterns.md        # Failure log (What breaks here)
+```
+
+### Example: `.opencode/memory/anti_patterns.md`
+```markdown
+## ⛔ Anti-Patterns
+
+### 1. Database Connections
+- **Context**: Next.js Server Components.
+- **Failure**: "Too many connections" error.
+- **Lesson**: Do not instantiate Prisma Client inside the component. Use the singleton pattern defined in `src/lib/db.ts`.
+
+### 2. Styling
+- **Context**: Button Components.
+- **Failure**: Tailwinds classes not applying.
+- **Lesson**: We are using `tailwind-merge`. Standard string concatenation will fail. Always use `cn()` utility.
+```
+
+## Integration with Agents
+
+-   **`execution` agent**: Must trigger `reflexion` after 2 failed build attempts.
+    -   *Logic:* "Attempt 1 Failed -> Retry -> Attempt 2 Failed -> **STOP & REFLECT** -> Attempt 3".
+-   **`pm-agent`**: Reads `.opencode/memory/patterns.md` at the start of a new task to load context.
+-   **`writer`**: Uses successful reflexions to update the project's `README.md` or `CONTRIBUTING.md`.
+
+## Reflexion vs. Debugging
+
+| Feature | `debug-protocol` | `reflexion` |
+| :--- | :--- | :--- |
+| **Focus** | The Code | The Agent's Process |
+| **Goal** | Fix the Bug | Improve the Strategy |
+| **Output** | Working Software | Better Internal Rules |
+| **Question** | "Why is variable X null?" | "Why did I write code that made X null?" |

package/.opencode/skills/security-audit/SKILL.md

@@ -0,0 +1,90 @@
+---
+name: security-audit
+description: Static Analysis and Threat Modeling skill to detect OWASP Top 10 vulnerabilities.
+---
+
+# Security Audit Skill
+
+## Purpose
+To act as an automated **SAST (Static Application Security Testing)** scanner.
+**Goal**: Identify vulnerabilities in the *implementation* phase, before the code reaches the `review` phase.
+
+**ROI Metric**: Detecting a hardcoded secret here takes 5 seconds. Rotating a compromised key in production takes 5 hours.
+
+## When to Use
+-   **Trigger**: When `backend` implements an endpoint involving `users`, `auth`, or `payments`.
+-   **Trigger**: When `frontend` uses `dangerouslySetInnerHTML` or similar raw HTML rendering.
+-   **Trigger**: When `pm-agent` flags a task as "High Risk."
+-   **Agent**: Primary skill for the `security` agent; secondary skill for `backend`/`review` modes.
+
+## The Audit Protocol (The Scanner)
+
+### 1. Pattern Scanning (The Grep Check)
+*Scan the code for these specific "smells":*
+
+| Risk Category | Keywords/Patterns to Flag |
+| :--- | :--- |
+| **Injection (RCE/XSS)** | `eval()`, `exec()`, `system()`, `dangerouslySetInnerHTML`, `innerHTML` |
+| **SQL Injection** | String concatenation inside queries (`"SELECT... " + input`), `${var}` inside SQL strings |
+| **Weak Crypto** | `md5`, `sha1`, `Math.random()` (for secrets), `http://` (non-TLS) |
+| **Secrets** | `API_KEY`, `SECRET`, `PASSWORD` (assigned to hard strings) |
+| **Debug Leftovers** | `console.log(userObj)`, `debugger`, `0.0.0.0` (binding to all interfaces) |
+
+### 2. Logic Analysis (STRIDE)
+*Ask these questions about the flow:*
+*   **Spoofing**: Does this verify *who* the user is? (Check: Auth Middleware presence).
+*   **Tampering**: Can I modify the payload? (Check: Zod/Joi validation `strip()` on unknown keys).
+*   **Information Disclosure**: Does the error return the stack trace? (Check: `try/catch` blocks).
+*   **Elevation of Privilege**: Does it check `user.id === resource.ownerId`? (Check: Authorization logic).
+
+### 3. Dependency Check (Supply Chain)
+*   If `package.json` was modified:
+    *   Are versions pinned? (Good: `1.2.3`, Bad: `^1.2.3`).
+    *   Are there known CVEs? (Trigger `tavily` search).
+
+## Execution Template
+
+*Use this scratchpad to document the audit findings.*
+
+```markdown
+## 🔐 Security Audit Report: [File/Component]
+
+### 1. Static Scan
+- [ ] Checked for hardcoded secrets.
+- [ ] Checked for raw SQL/HTML injection.
+- [ ] Checked for dangerous functions (`eval`, `exec`).
+
+### 2. Logic Check (OWASP)
+- **AuthZ**: [ Verify BOLA/IDOR protection ]
+- **Input**: [ Verify Schema Validation ]
+- **Output**: [ Verify Data Sanitization ]
+
+### 3. Vulnerability Findings
+| Severity | Line | Issue | CWE ID | Remediation |
+| :--- | :--- | :--- | :--- | :--- |
+| 🔴 **Critical** | 42 | SQL Injection (`${id}`) | CWE-89 | Use Param: `WHERE id = $1` |
+| 🟡 **Medium** | 15 | Missing Rate Limit | CWE-799 | Add `RateLimitMiddleware` |
+
+### 🏁 Verdict
+[ PASS / FAIL ] - *If Fail, do not commit.*
+```
+
+## Remediation Patterns (The "Fix It" Guide)
+
+**Problem:** SQL Injection
+❌ `db.query("SELECT * FROM users WHERE name = '" + name + "'")`
+✅ `db.query("SELECT * FROM users WHERE name = $1", [name])`
+
+**Problem:** XSS (React)
+❌ `<div dangerouslySetInnerHTML={{ __html: userInput }} />`
+✅ `<div>{userInput}</div>` or use `DOMPurify.sanitize(userInput)`
+
+**Problem:** Broken Auth (IDOR)
+❌ `return await db.orders.find(req.params.id)`
+✅ `return await db.orders.find({ id: req.params.id, ownerId: req.user.id })`
+
+## Integration with Agents
+
+-   **`security` agent**: Uses this skill as its primary method of interaction.
+-   **`backend` agent**: Must invoke `security-audit` before marking an API task as "Complete."
+-   **`review` mode**: Uses the *Findings Table* as the basis for "Critical" comments.

package/.opencode/skills/self-check/SKILL.md

@@ -0,0 +1,95 @@
+---
+name: self-check
+description: Post-implementation validation to enforce the Definition of Done (DoD) and prevent hallucinations.
+---
+
+# Self-Check Skill
+
+## Purpose
+To validate work **after** implementation but **before** handoff.
+This is the "Check" in PDCA. It prevents the "It works on my machine" (or "It works in my context window") syndrome.
+
+**ROI Metric**: Catching a syntax error here costs 50 tokens. Catching it in a PR review costs 5,000 tokens + human time.
+
+## When to Use
+-   **Trigger**: Immediately after `execution` mode finishes writing code.
+-   **Trigger**: Before the `backend` agent hands off to `frontend`.
+-   **Trigger**: Before any `git commit`.
+
+## The "Proof of Work" Protocol
+
+### 1. The Build Check (Syntax)
+**Rule**: *Code that doesn't build doesn't exist.*
+-   Did you run the build/transpile command? (`npm run build`, `go build`, etc.)
+-   **Evidence**: Paste the exit code and the last 3 lines of output.
+
+### 2. The Logic Check (Behavior)
+**Rule**: *Claims require proof.*
+-   **Forbidden Phrase**: "I ran the tests and they passed." (This is often a hallucination).
+-   **Required Action**: Run the test command via `run_command` and capture the actual output.
+-   **Evidence**: Paste the `Total: X Passed, 0 Failed` line.
+
+### 3. The Contract Check (Requirements)
+**Rule**: *Did you solve the user's problem?*
+-   Map every constraint from the original prompt to a specific line of code or test case.
+
+### 4. The Hygiene Check (Cleanup)
+**Rule**: *Leave no trace.*
+-   Scan for: `console.log("here")`, `debugger`, commented out code blocks, or `TODO` comments added by you.
+-   **Action**: Remove them.
+
+## Execution Template
+
+*Copy this into the context window to validate your work.*
+
+```markdown
+## ✅ Self-Check Validation
+
+### 1. Build Verification
+- **Command**: `npm run build`
+- **Output**:
+  ```text
+  > build
+  > tsc
+  ✨ Done in 2.45s.
+  ```
+- **Status**: [ PASS / FAIL ]
+
+### 2. Test Verification
+- **Command**: `npm test -- user.service.test.ts`
+- **Output**:
+  ```text
+  PASS src/services/user.service.test.ts
+  Tests: 3 passed, 3 total
+  ```
+- **Status**: [ PASS / FAIL ] -> *If FAIL, trigger `reflexion` skill.*
+
+### 3. Requirements Mapping
+| Requirement | Implemented? | Evidence (File/Line) |
+| :--- | :--- | :--- |
+| "Users must have a role" | ✅ | `UserSchema.ts:12` (Zod enum) |
+| "Passwords must be hashed" | ✅ | `AuthService.ts:45` (bcrypt call) |
+
+### 4. Code Hygiene
+- [ ] Removed debug `console.log`s?
+- [ ] Removed temporary comments?
+- [ ] Ran Linter? (`npm run lint`)
+
+### 🏁 Final Verdict: [ READY TO SHIP / NEEDS FIXING ]
+
+## Red Flags (Hallucination Detection)
+
+If you see these patterns in your own reasoning, **STOP**:
+
+| Red Flag | Why It's Bad | Correction |
+| :--- | :--- | :--- |
+| *"The code looks correct."* | Visual inspection is insufficient. | Run the code. |
+| *"I updated the tests."* | Did you *run* them? | Run the tests. |
+| *"This should fix the error."* | Hope is not a strategy. | Verify the fix. |
+| *"I'll assume the DB is running."* | Assumption is the mother of all failures. | Check connection. |
+
+## Integration with Agents
+
+-   **`execution` mode**: Must run `self-check` before declaring `Status: COMPLETE`.
+-   **`pm-agent`**: Rejects any task update that does not include a `self-check` artifact.
+-   **`reflexion` skill**: If `self-check` results in **FAIL**, the agent must immediately enter `reflexion` mode to analyze the root cause before retrying.

package/.opencode/skills/simplification/SKILL.md

@@ -0,0 +1,92 @@
+---
+name: simplification
+description: Complexity reduction and architectural streamlining for Frontend, Backend, and Quality agents.
+---
+
+# Simplification Skill (Occam's Razor)
+
+## Purpose
+"Simplicity is the ultimate sophistication." This skill provides a rigorous protocol for identifying and eliminating over-engineering, code bloat, and technical debt across the entire stack.
+
+## Overview
+The Simplification Skill is a cross-functional protocol used to flatten logic, reduce state, and ensure every line of code justifies its existence. It leverages specialized agents and MCP tools to validate architectural simplicity and performance.
+
+## Prerequisites
+- **Agents**: [Backend](file:///.opencode/agents/backend.md), [Frontend](file:///.opencode/agents/frontend.md), [Quality](file:///.opencode/agents/quality.md).
+- **MCP Tools**: 
+    - `context7`: To research lightweight alternatives and library standards.
+    - `sequential-thinking`: To audit complex logic flows for potential flattening.
+    - `sqlite`: To verify if database schemas or queries can be compressed.
+    - `playwright`/`chrome-devtools`: To identify UI "jank" or DOM complexity.
+
+## Agent-Specific Simplification Protocols
+
+### [Senior Backend Engineer](file:///.opencode/agents/backend.md)
+- **State Reduction**: Derive values instead of storing them. If `is_active` can be derived from `status === 'active'`, delete the redundant field.
+- **Query Optimization**: Use `sqlite` to check for N+1 issues. Replace nested loops with single optimized queries or batching.
+- **Error Flattening**: Centralize error handling middleware. Remove repetitive `try/catch` blocks from business logic to expose the "Happy Path".
+
+### [Senior Frontend Engineer](file:///.opencode/agents/frontend.md)
+- **DOM Streamlining**: Replace "Div Soup" with semantic HTML elements.
+- **Hook Optimization**: Audit `useEffect` usage. If it's used to sync state, replace it with derived constants or `useMemo`.
+- **Styling Discipline**: Replace custom inline styles with standard Tailwind utility classes or `cva` variants.
+
+### [QA Automation Engineer](file:///.opencode/agents/quality.md)
+- **Test Pruning**: Remove redundant unit tests if the logic is covered by a high-confidence integration test.
+- **Selector Simplification**: Replace fragile XPaths or class-based selectors with accessible `getByRole` or `getByLabel` locators.
+
+## The Procedural Workflow
+
+### 1. The Deletion Test
+- **Action**: Use `grep_search` to find references to the target code. If references < 1, **DELETE**.
+- **Rule**: Dead code is the best code.
+
+### 2. The Library Leverage (via `context7`)
+- **Action**: Use `context7` to check if a complex custom utility (e.g., date formatting, deep cloning) can be replaced by a native function or a lightweight standard library (Lodash/Zustand).
+
+### 3. Flat Logic Audit (via `sequential-thinking`)
+- **Action**: Step through the logic. If nesting > 3 levels or cyclomatic complexity is high, apply guard clauses.
+- **Target Pattern**:
+  ```diff
+  - if (user) {
+  -   if (user.active) {
+  -     return doThing();
+  -   }
+  - }
+  + if (!user?.active) return;
+  + return doThing();
+  ```
+
+## Complexity Metrics to Watch
+- **Nesting Level**: Maximum 3 levels of indentation.
+- **Function Size**: Maximum 30 lines.
+- **Cognitive Weight**: If a function requires `sequential-thinking` just to "read" it, it's too complex.
+
+## Output Format
+
+```markdown
+## Simplification Review: [Target File/Function]
+
+### 1. Opportunities Identified
+| Area | Description | Tool Used | Impact |
+|------|-------------|-----------|--------|
+| Logic | Flatten nested `if` statements | `sequential-thinking` | High |
+| State | Remove redundant `isLoading` boolean | - | Medium |
+| Lib | Replace custom deep clone with `structuredClone` | `context7` | Low |
+
+### 2. Implementation: Before vs After
+**Before**:
+```javascript
+// Complex, nested, or redundant code
+```
+
+**After**:
+```javascript
+// Streamlined, readable, and efficient code
+```
+
+### 3. Impact Assessment
+- Lines Removed: [Count]
+- Performance Gain: [e.g., Reduced O(N²) to O(N)]
+- Maintenance Status: Optimized
+```