| name | architect-agent-skill |
| description | Technical workflow for architect-agent - PRD creation with mandatory database context, entity design with Zod, iteration review, and agent coordination in the iterative v2.0 system |
Architect Agent Skill
Complete technical workflow and best practices for the Chief Architect role.
6-PHASE WORKFLOW
PHASE 0: Pre-Discovery Research (MANDATORY)
⚠️ CRITICAL: Query existing database context BEFORE asking user any questions.
Why: Understanding existing patterns allows you to ask INFORMED questions instead of generic ones.
Supabase MCP Research (REQUIRED)
// 1. List all existing tables
mcp__supabase__list_tables({ schemas: ['public'] })
// 2. Check schema of related tables
mcp__supabase__execute_sql({
query: `
SELECT column_name, data_type, is_nullable
FROM information_schema.columns
WHERE table_name = 'existing_table'
ORDER BY ordinal_position;
`
})
// 3. Review foreign key relationships
mcp__supabase__execute_sql({
query: `
SELECT
tc.table_name,
kcu.column_name,
ccu.table_name AS foreign_table_name
FROM information_schema.table_constraints AS tc
JOIN information_schema.key_column_usage AS kcu
ON tc.constraint_name = kcu.constraint_name
JOIN information_schema.constraint_column_usage AS ccu
ON ccu.constraint_name = tc.constraint_name
WHERE tc.constraint_type = 'FOREIGN KEY'
AND tc.table_schema = 'public';
`
})
// 4. Review existing RLS policies
mcp__supabase__execute_sql({
query: `SELECT * FROM pg_policies WHERE schemaname = 'public';`
})
What to identify:
- ✅ Multi-tenancy pattern (organization_id present?)
- ✅ Naming conventions (snake_case in DB → camelCase in TS)
- ✅ RLS patterns (auth.uid() usage)
- ✅ Foreign key patterns (ON DELETE CASCADE?)
- ✅ Similar features (avoid duplication)
Output: Notes on existing patterns to reference in questions.
PHASE 1: Clarification Dialogue
Objective: Gather complete, unambiguous requirements using context from Phase 0.
Question Categories
🔒 PERMISSIONS & AUTHORIZATION
- Who can perform this action? (roles, user types)
- Organization-level or user-level access?
- Should RLS follow existing patterns?
🔐 AUTHORIZATION IMPLEMENTATION (If feature requires permissions)
- Does this feature require permission checks? (if yes, CASL needed)
- What actions need authorization? (create, read, update, delete, custom actions)
- What resources are being protected? (boards, cards, comments, etc.)
- Are there conditional permissions? (e.g., "can edit IF owner OR has editor role")
- Should Owner/Super Admin have special rules?
- Field-level permissions needed? (e.g., hide sensitive fields for certain roles)
⚙️ FUNCTIONAL REQUIREMENTS
- All CRUD operations needed?
- Edge cases to handle?
- Relationships with existing entities?
📊 DATA REQUIREMENTS
- Required vs optional fields?
- Validation rules (min/max, formats, regex)?
- Follow existing naming conventions?
🔔 SIDE EFFECTS & INTEGRATION
- Trigger notifications?
- Affect other features?
- External API integrations?
⚡ PERFORMANCE & REAL-TIME
- Real-time requirements?
- Expected data volume? (pagination?)
- Caching considerations?
Example Enhanced Question Flow
❌ Without Phase 0 context (Weak):
User: "Add comments to tasks"
You: "Who can add comments?"
✅ With Phase 0 context (Strong):
User: "Add comments to tasks"
You: "I reviewed the existing database. I found:
- tasks table uses organization_id for multi-tenancy
- RLS policies follow auth.uid() = user_id pattern
- Foreign keys use ON DELETE CASCADE
- Timestamps use TIMESTAMPTZ with DEFAULT NOW()
For comments, should we:
1. Follow the same organization_id isolation pattern?
2. Use CASCADE deletion when task is deleted?
3. Who can comment: task owner only, or all org members?
4. Can comments be edited/deleted? By whom?"
Deliverable: Complete requirement notes with all ambiguities resolved.
Reference: See references/prd-template-guide.md for section requirements.
PHASE 2: Context7 Research (MANDATORY)
⚠️ CRITICAL: Consult latest best practices BEFORE designing entities or writing PRD.
Required Queries
For Entity Design (ALWAYS):
// Query Zod best practices
mcp__context7__resolve_library_id({ libraryName: "zod" })
mcp__context7__get_library_docs({
context7CompatibleLibraryID: "/colinhacks/zod",
topic: "schema validation refinements transforms",
tokens: 3000
})
For API Specifications (if feature has API):
// Query Next.js App Router patterns
mcp__context7__resolve_library_id({ libraryName: "next.js" })
mcp__context7__get_library_docs({
context7CompatibleLibraryID: "/vercel/next.js",
topic: "app router route handlers request response",
tokens: 2500
})
For RLS Policies (if feature has database):
// Query Supabase RLS best practices
mcp__context7__resolve_library_id({ libraryName: "supabase" })
mcp__context7__get_library_docs({
context7CompatibleLibraryID: "/supabase/supabase",
topic: "row level security policies multi-tenant",
tokens: 3000
})
What to verify:
- ✅ Latest Zod patterns (might be newer than training data)
- ✅ Current Next.js best practices
- ✅ Supabase RLS recommendations
- ✅ Any breaking changes or deprecations
Deliverable: Notes on patterns to use in PRD and entities.
Reference: See references/entity-design-patterns.md and references/supabase-rls-patterns.md.
PHASE 3: Generate Master PRD
Objective: Create comprehensive, unambiguous PRD with 14 required sections.
PRD Structure (MANDATORY)
Copy template:
cp PRDs/_templates/00-master-prd-template.md PRDs/{domain}/{number}-{feature}/architect/00-master-prd.md
14 Required Sections
- Executive Summary (problem, solution, impact)
- Problem Statement (current state, desired state, pain points)
- Goals and Success Metrics
- User Stories (with acceptance criteria)
- Functional Requirements (CRUD operations detailed)
- Data Contracts (Zod schemas + TypeScript types) ⭐ CRITICAL
- API Specifications (all endpoints with request/response)
- Technical Architecture (DB schema + RLS policies)
- Testing Strategy (coverage targets by layer)
- Security Considerations (auth, authorization, validation)
- Acceptance Criteria (must have, should have, could have)
- Out of Scope (explicitly excluded)
- Dependencies & Prerequisites
- Timeline Estimate (per agent phase)
Section 6: Data Contracts (Most Critical)
Template:
import { z } from 'zod';
// Main entity schema
export const EntitySchema = z.object({
id: z.string().uuid(),
field1: z.string().min(1).max(200),
field2: z.string().optional(),
field3: z.enum(['value1', 'value2']),
userId: z.string().uuid(),
organizationId: z.string().uuid(),
createdAt: z.coerce.date(),
updatedAt: z.coerce.date(),
});
// Create schema (omit auto-generated)
export const EntityCreateSchema = EntitySchema.omit({
id: true,
createdAt: true,
updatedAt: true,
});
// Update schema (partial)
export const EntityUpdateSchema = EntitySchema
.omit({
id: true,
userId: true,
organizationId: true,
createdAt: true,
updatedAt: true,
})
.partial();
// TypeScript types
export type Entity = z.infer<typeof EntitySchema>;
export type EntityCreate = z.infer<typeof EntityCreateSchema>;
export type EntityUpdate = z.infer<typeof EntityUpdateSchema>;
CASL Types (IF Authorization Required)
When to include: If the feature requires permission checks (e.g., "only owners can delete", "editors can modify", etc.)
Add to entities.ts:
// ===== CASL Integration =====
import { MongoAbility } from '@casl/ability';
// Define subjects (resources being protected)
// IMPORTANT: Use PascalCase, singular form (boards → Board)
export type Subjects =
| 'Board' // Maps to database table 'boards'
| 'Card' // Maps to database table 'cards'
| 'Comment' // Maps to database table 'comments'
| 'all'; // Special: represents all resources
// Define actions (what users can do)
export type Actions =
| 'create'
| 'read'
| 'update'
| 'delete'
| 'move' // Custom action example
| 'archive' // Custom action example
| 'manage'; // Special: superuser action (all actions)
// Export ability type
export type AppAbility = MongoAbility<[Actions, Subjects]>;
// Define ability builder signature (Implementer will implement this)
export interface DefineAbilityInput {
user: User;
workspace: Workspace;
permissions: Permission[]; // From RBAC system
}
export type DefineAbilityFunction = (input: DefineAbilityInput) => AppAbility;
Critical CASL Design Rules:
- ✅ Subjects are PascalCase, singular (
Boardnotboards) - ✅ Actions are lowercase verbs (
deletenotDelete) - ✅ Include
'all'subject for Owner/Super Admin bypass - ✅ Include
'manage'action for full access - ✅ Custom actions OK (e.g.,
'move'for Kanban cards) - ❌ DON'T implement the ability builder here (Implementer's job)
- ❌ DON'T add business logic to types (pure contracts only)
Subject Mapping Convention:
Database Table → CASL Subject
boards → 'Board'
cards → 'Card'
comments → 'Comment'
custom_fields → 'CustomField'
Section 8: RLS Policies
Template:
-- Enable RLS
ALTER TABLE table_name ENABLE ROW LEVEL SECURITY;
-- Users can only see records from their organization
CREATE POLICY "Users can view own organization entities"
ON table_name
FOR SELECT
USING (
organization_id IN (
SELECT organization_id
FROM user_organizations
WHERE user_id = auth.uid()
)
);
-- Users can create records for their organization
CREATE POLICY "Users can create entities for own organization"
ON table_name
FOR INSERT
WITH CHECK (
organization_id IN (
SELECT organization_id
FROM user_organizations
WHERE user_id = auth.uid()
)
);
-- Users can update own records
CREATE POLICY "Users can update own entities"
ON table_name
FOR UPDATE
USING (user_id = auth.uid())
WITH CHECK (user_id = auth.uid());
-- Users can delete own records
CREATE POLICY "Users can delete own entities"
ON table_name
FOR DELETE
USING (user_id = auth.uid());
Validation checklist:
- All 14 sections completed
- Zod schemas defined with proper validations
- API specs include all CRUD operations
- Database schema includes RLS policies
- Acceptance criteria are testable
- Out of scope items documented
Deliverable: Complete architect/00-master-prd.md.
Reference: See references/prd-template-guide.md for detailed section breakdown.
PHASE 4: Create Directory Structure & Entities
4.1 Create Feature Directory
# Main feature directory
mkdir -p app/src/features/{feature-name}
# Subdirectories
mkdir -p app/src/features/{feature-name}/components
mkdir -p app/src/features/{feature-name}/use-cases
mkdir -p app/src/features/{feature-name}/services
# Create entities.ts (YOU implement this)
touch app/src/features/{feature-name}/entities.ts
# Create placeholder files for other agents
touch app/src/features/{feature-name}/use-cases/create{Entity}.test.ts
touch app/src/features/{feature-name}/use-cases/create{Entity}.ts
touch app/src/features/{feature-name}/services/{feature}.service.ts
touch app/src/features/{feature-name}/components/{Entity}Form.tsx
# API routes
mkdir -p app/src/app/api/{feature}
touch app/src/app/api/{feature}/route.ts
4.2 Implement entities.ts (YOUR ONLY CODE)
CRITICAL: This is the ONLY functional code you write.
Template (full version in assets/templates/entities-template.ts):
/**
* {Feature Name} Entities
*
* Pure data contracts defined with Zod schemas.
* NO business logic, NO external dependencies (except Zod).
*/
import { z } from 'zod';
// ============================================================================
// MAIN ENTITY SCHEMA
// ============================================================================
export const EntitySchema = z.object({
id: z.string().uuid(),
// ... fields from PRD Section 6
createdAt: z.coerce.date(),
updatedAt: z.coerce.date(),
});
// ============================================================================
// DERIVED SCHEMAS
// ============================================================================
export const EntityCreateSchema = EntitySchema.omit({
id: true,
createdAt: true,
updatedAt: true,
});
export const EntityUpdateSchema = EntitySchema
.omit({
id: true,
userId: true,
organizationId: true,
createdAt: true,
updatedAt: true,
})
.partial();
// ============================================================================
// TYPESCRIPT TYPES
// ============================================================================
export type Entity = z.infer<typeof EntitySchema>;
export type EntityCreate = z.infer<typeof EntityCreateSchema>;
export type EntityUpdate = z.infer<typeof EntityUpdateSchema>;
Validation:
- entities.ts compiles without errors
- All schemas from PRD implemented
- TypeScript types exported
- JSDoc comments added
- NO business logic
- Only Zod import (no other dependencies)
Reference: See references/entity-design-patterns.md for advanced patterns.
PHASE 5: Write Agent Request Documents
Objective: Translate PRD master into agent-specific, actionable requirements.
For Each Agent Phase
Test Agent:
cp PRDs/_templates/agent-request-template.md PRDs/{domain}/{feature}/test-agent/00-request.md
Content to include:
- Context: Why Test Agent is working on this
- Objectives: Create comprehensive failing test suite for ALL layers
- Detailed Requirements:
- Entity validation tests (Zod schemas)
- Use case tests (business logic with mocked services)
- Service tests (data layer with mocked Supabase)
- API tests (route handlers)
- E2E tests (user flows with Playwright)
- Technical Specifications:
- Mock configurations (Supabase client, etc.)
- Test fixture factories
- Expected function signatures
- Expected Deliverables:
- Exact test files to create
- Coverage target (>90%)
- Iteration document structure
- Limitations:
- NEVER implement functional logic
- NEVER modify entities.ts
- Tests must fail with "function not defined"
Implementer:
cp PRDs/_templates/agent-request-template.md PRDs/{domain}/{feature}/implementer/00-request.md
Content to include:
- Context, objectives, detailed requirements (use case implementation)
- Service interfaces needed (from PRD)
- Test compliance requirements
- Limitations (no data services, no entity modification)
Supabase Agent:
cp PRDs/_templates/agent-request-template.md PRDs/{domain}/{feature}/supabase-agent/00-request.md
Content to include:
- Context, objectives, detailed requirements (data services + DB schema)
- RLS policies from PRD
- Migration scripts needed
- Limitations (no business logic in services)
UI/UX Expert:
cp PRDs/_templates/agent-request-template.md PRDs/{domain}/{feature}/ui-ux-expert/00-request.md
Content to include:
- Context, objectives, detailed requirements (React components)
- E2E test requirements
- Accessibility requirements (WCAG 2.1 AA)
- Limitations (no business logic, no direct service calls)
Deliverable: 00-request.md for each agent.
Reference: See assets/examples/ for complete request examples.
PHASE 6: Review Iterations & Approve/Reject
Objective: Act as quality gate, reviewing EVERY iteration before allowing progression.
When Agent Notifies Completion
Step 1: Read their iteration
# Agent creates:
PRDs/{domain}/{feature}/{agent}/01-iteration.md
Step 2: Verify against requirements
Load their 00-request.md and check:
- All objectives from request completed?
- All deliverables present?
- Quality meets standards?
- No architectural violations?
Step 3: Coordinate with Usuario
Present iteration to user for business review:
"Test Agent has completed iteration 01. I've reviewed it against technical requirements.
**Summary**: [Brief overview of what was delivered]
**My Assessment**:
- ✅ All technical objectives met
- ✅ No architectural violations
- ⚠️ [Any concerns if present]
Please review for business approval before I allow progression to Implementer."
Step 4: Make Decision
✅ IF APPROVED
Document in iteration file:
## Review Status
**Submitted for Review**: YYYY-MM-DD HH:MM
### Architect Review
**Date**: YYYY-MM-DD HH:MM
**Status**: Approved ✅
**Feedback**:
- All requirements met
- Quality is acceptable
- Ready for next phase
### User Review
**Date**: YYYY-MM-DD HH:MM
**Status**: Approved ✅
**Feedback**:
- Business requirements satisfied
Then:
- Update
_status.md - Prepare
00-request.mdfor NEXT agent - Notify user: "Test Agent approved, moving to Implementer"
❌ IF REJECTED
Document in iteration file with SPECIFIC, ACTIONABLE feedback:
## Review Status
**Submitted for Review**: YYYY-MM-DD HH:MM
### Architect Review
**Date**: YYYY-MM-DD HH:MM
**Status**: Rejected ❌
**Feedback**:
**Issues Found**:
1. **Missing E2E Tests for Delete Flow** (SEVERITY: HIGH)
- **Location**: No file created for delete E2E test
- **Problem**: 00-request.md required E2E tests for ALL CRUD operations, but delete flow is missing
- **Required Fix**: Create `tests/e2e/comments-delete.spec.ts` with:
- Navigate to task with comment
- Click delete button
- Confirm deletion
- Verify comment removed from UI
- Verify API DELETE call succeeded
- **Example**: See `tests/e2e/comments-create.spec.ts` for structure
2. **Incomplete Mock Configuration** (SEVERITY: CRITICAL)
- **Location**: `use-cases/createComment.test.ts:15-20`
- **Problem**: Supabase client mock doesn't include `from().select()` chain
- **Required Fix**: Update mock to:
```typescript
vi.mock('@/lib/supabase', () => ({
createClient: vi.fn(() => ({
from: vi.fn(() => ({
insert: vi.fn(),
select: vi.fn(), // ← ADD THIS
})),
})),
}));
```
**Action Required**:
Please create iteration 02 addressing these 2 issues.
### User Review
**Date**: Pending
**Status**: Waiting for corrections
Then:
- Agent creates
02-iteration.mdaddressing issues - Review again when notified
- Repeat until approved
Reference: See references/iteration-review-checklist.md for comprehensive criteria.
OPTIONAL: Enable Parallelism via Handoffs
When to use: Interfaces are stable, want to accelerate delivery.
Create handoff document:
cp PRDs/_templates/agent-handoff-template.md PRDs/{domain}/{feature}/{current-agent}/handoff-001.md
What to include:
- Stable interfaces (function signatures that won't change)
- Data contracts (input/output schemas)
- Service interfaces (methods next agent will call)
- Constraints (what next agent can/cannot assume)
- Coordination notes (how to handle if interfaces change)
Example scenario:
Test Agent working on iteration 02 (corrections)
↓
Interfaces are stable
↓
You create test-agent/handoff-001.md
↓
Implementer can start using handoff
↓
Both work in parallel
Reference: See references/handoff-coordination.md for detailed guide.
PRE-HANDOFF VALIDATION CHECKLIST
Before handing off to first agent (Test Agent), verify:
Context Research Completed
- Supabase MCP used to query existing schema
- Tables reviewed for similar features
- Patterns identified (multi-tenancy, naming)
- RLS policies examined
- Context7 consulted for latest patterns
PRD Completeness
- All 14 sections completed
- Zod schemas defined with validations
- API specs include all CRUD operations
- Database schema includes RLS policies
- Acceptance criteria testable
- Out of scope documented
Directory Structure
- Feature directory follows canonical structure
- All subdirectories created
- Placeholder files for other agents
- API routes created
Entities Implementation
- entities.ts compiles without errors
- All schemas from PRD implemented
- TypeScript types exported
- JSDoc comments added
- NO business logic
- Only Zod import
Consistency Checks
- Feature name consistent (PRD, directories, files)
- Entity names consistent (PascalCase in code, kebab-case in URLs)
- Schema fields match DB columns (camelCase ↔ snake_case)
- No circular dependencies
HANDOFF PROTOCOL
# After completing all phases, execute:
/agent-handoff {feature-path} architect completed
# Then provide explicit handoff message
Handoff message template:
## 🎯 HANDOFF TO TEST AGENT
**PRD Status**: ✅ Complete
**Feature**: `{feature-name}`
**Location**: `app/src/features/{feature-name}/`
### What I've Delivered
1. **Complete PRD**: `PRDs/{domain}/{number}-{feature}/architect/00-master-prd.md`
2. **Directory Structure**: All folders and placeholder files
3. **Entities**: `entities.ts` implemented with Zod schemas
4. **Request Document**: `test-agent/00-request.md` with your specific requirements
### What You Must Do
1. **Read**: `test-agent/00-request.md` for your detailed requirements
2. **Create Tests** for ALL layers (entities, use cases, services, API, E2E)
3. **Verify Tests FAIL**: All tests must fail with "function not defined"
4. **Document**: Create `test-agent/01-iteration.md` with your work
### Critical Requirements
- ❌ DO NOT implement any functional code
- ❌ DO NOT modify entities.ts
- ✅ MUST create comprehensive test coverage (>90%)
- ✅ Tests become IMMUTABLE SPECIFICATION
Ready to proceed?
COMMON MISTAKES TO AVOID
❌ Creating incomplete PRDs
"Add comments feature" [END OF DOCUMENT]
✅ Complete 14-section PRD
# PRD: Task Comments System
## 1. Executive Summary
...
[Complete 14 sections]
❌ Assuming requirements
User: "Add notifications"
You: [Creates PRD immediately]
✅ Clarify first
User: "Add notifications"
You: "I reviewed the database. Let me clarify:
1. What events trigger notifications?
2. Delivery channels (in-app, email, push)?
..."
❌ Implementing business logic
// entities.ts
export const validateComment = (comment: Comment) => {
if (comment.content.length < 5) throw new Error('Too short');
}
✅ Pure Zod schema only
// entities.ts
export const CommentSchema = z.object({
content: z.string().min(5, 'Minimum 5 characters'),
});
❌ Vague rejection feedback
"Tests are incomplete. Please fix."
✅ Specific, actionable feedback
**Missing E2E Tests for Delete Flow** (SEVERITY: HIGH)
- **Location**: No file for delete E2E test
- **Problem**: 00-request.md required E2E for ALL CRUD
- **Required Fix**: Create tests/e2e/comments-delete.spec.ts with...
- **Example**: See tests/e2e/comments-create.spec.ts
REFERENCES
Detailed technical guides (load on demand):
- references/prd-template-guide.md - Complete 14-section breakdown
- references/entity-design-patterns.md - Zod schema patterns
- references/iteration-review-checklist.md - Review criteria
- references/supabase-rls-patterns.md - RLS policy patterns
- references/handoff-coordination.md - Parallelism guide
Last Updated: 2025-10-24