catlog22/Claude-Code-Workflow
1
0
Fork 0
mirror of https://github.com/catlog22/Claude-Code-Workflow.git synced 2026-02-15 02:42:45 +08:00
Code Issues Packages Projects Releases Wiki Activity

feat: add batch replan mode and comprehensive skill system

Browse Source 
- Add batch processing mode to /task:replan command
  - Support for verification report input
  - TodoWrite integration for progress tracking
  - Automatic backup management
- Enhance /workflow:action-plan-verify with batch remediation
  - Save verification report to .process directory
  - Provide batch replan command suggestions
- Add comprehensive skill documentation
  - Codex: autonomous development workflows
  - Gemini/Qwen: code analysis and documentation
  - Context-search: strategic context gathering
  - Prompt-enhancer: ambiguous prompt refinement
- Clean up CLAUDE.md strategy references

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
catlog22
2025-10-17 11:44:37 +08:00
parent 80196cc0a0
commit b366924ae6
24 changed files with 4231 additions and 51 deletions
Download Patch File Download Diff File Expand all files Collapse all files

270
.claude/skills/qwen/SKILL.md Normal file
View File

@@ -0,0 +1,270 @@
---
name: Qwen CLI Tool
description: Code analysis and documentation tool (Gemini fallback). Trigger keywords "use qwen", "qwen analysis", "analyze with qwen". Use when Gemini unavailable or for parallel analysis. Supports read-only analysis (default) and write operations (explicit permission).
allowed-tools: Bash, Read, Glob, Grep
---
# Qwen CLI Tool
## Core Execution
Qwen executes code analysis and documentation tasks using large context window capabilities.
**Trigger Keywords**: "use qwen", "qwen analysis", "qwen generate docs", "analyze with qwen"
**Execution Modes**:
- `analysis` (default): Read-only analysis, auto-execute
- `write`: Create/modify files, requires explicit permission
**Command Pattern**:
```bash
cd [directory] && ~/.claude/scripts/qwen-wrapper [--approval-mode yolo] -p "
PURPOSE: [goal]
TASK: [specific task]
MODE: [analysis|write]
CONTEXT: @{file/patterns}
EXPECTED: [results]
RULES: [constraints]
"
```
## Universal Template Structure
Every Qwen command should follow this detailed structure for best results:
```bash
cd [directory] && ~/.claude/scripts/qwen-wrapper [--approval-mode yolo] -p "
PURPOSE: [One clear sentence: what and why]
TASK: [Specific actionable task with scope]
MODE: [analysis|write]
CONTEXT: @{file/patterns} [Previous session context, dependencies, constraints]
EXPECTED: [Deliverable format, file names, coverage requirements]
RULES: [Template reference] | [Specific constraints: standards, patterns, focus areas]
"
```
### Template Field Guidelines
**PURPOSE**:
- One sentence combining goal + reason
- Examples: "Analyze auth system for SOC 2 compliance", "Document payment module for audit"
**TASK**:
- Break down into numbered sub-tasks for complex operations
- Include specific aspects: "Review authentication flow, session management, audit logging"
- Specify scope boundaries
**CONTEXT**:
- File patterns: `@{**/*.ts,**/*.test.ts}`
- Business context: "100k users, $2M monthly transactions, PCI DSS scope"
- Tech stack: Versions, frameworks, constraints
- Session memory: "Phase 1 identified 3 high-priority issues"
**EXPECTED**:
- Numbered deliverables: "1) Compliance report, 2) Remediation roadmap, 3) Evidence collection guide"
- Specific file names: "SECURITY.md", "PAYMENT_MODULE.md", "audit-findings.json"
- Coverage requirements: ">95% coverage", "All SOC 2 controls mapped"
- Output format: "Mermaid diagrams", "Compliance checklist", "Risk matrix"
**RULES**:
- Template reference: `$(cat ~/.claude/workflows/cli-templates/prompts/analysis/security.txt)`
- Multiple constraints separated by `|`: "Map to SOC 2 CC6.1 | Include CVE references | Follow NIST 800-63B"
- Specific standards: "OWASP Top 10 2021", "PCI DSS 3.2.1", "GDPR Article 32"
- Thresholds: "CVSS >7.0 as blocker", "p95 <200ms", ">80% cache hit rate"
## Command Structure
### Universal Template
Every Qwen command follows this structure:
```bash
cd [directory] && ~/.claude/scripts/qwen-wrapper [options] -p "
PURPOSE: [clear goal and intent]
TASK: [specific execution task]
MODE: [analysis|write]
CONTEXT: [file references and memory context]
EXPECTED: [clear expected results]
RULES: [template reference and constraints]
"
```
## Execution Modes
### Analysis Mode (Default - Read-Only)
Safe for auto-execution without user confirmation:
```bash
cd [directory] && ~/.claude/scripts/qwen-wrapper -p "
PURPOSE: [analysis goal]
TASK: [specific analysis task]
MODE: analysis
CONTEXT: @{file/patterns} [session memory]
EXPECTED: [analysis output]
RULES: [constraints]
"
```
**When to use**:
- Code exploration and understanding
- Architecture analysis
- Pattern discovery
- Security assessment
- Performance analysis
### Write Mode (Requires Explicit Permission)
⚠️ Only use when user explicitly requests file creation/modification:
```bash
cd [directory] && ~/.claude/scripts/qwen-wrapper --approval-mode yolo -p "
PURPOSE: [documentation goal]
TASK: [specific write task]
MODE: write
CONTEXT: @{file/patterns}
EXPECTED: [generated files]
RULES: [constraints]
"
```
**Parameter Position**: `--approval-mode yolo` must be placed AFTER `qwen-wrapper`, BEFORE `-p`
**Write Triggers**:
- User explicitly says "generate documentation"
- User explicitly says "create/modify files"
- User specifies `MODE=write` in prompt
## File Pattern Reference
Common patterns for CONTEXT field:
```bash
@{**/*} # All files
@{src/**/*} # Source files
@{*.ts,*.tsx} # TypeScript files
@{CLAUDE.md,**/*CLAUDE.md} # Documentation
@{src/**/*.test.*} # Test files
```
**Complex Pattern Discovery**:
For complex requirements, discover files first:
```bash
# Step 1: Discover with ripgrep or MCP
rg "export.*Component" --files-with-matches --type ts
# Step 2: Build precise CONTEXT
CONTEXT: @{src/components/Auth.tsx,src/types/auth.d.ts}
# Step 3: Execute with precise references
```
## Template System
Templates are located in `~/.claude/workflows/cli-templates/prompts/`
### Available Templates
**Analysis Templates**:
- `analysis/pattern.txt` - Code pattern analysis
- `analysis/architecture.txt` - System architecture review
- `analysis/security.txt` - Security assessment
- `analysis/quality.txt` - Code quality review
**Development Templates**:
- `development/feature.txt` - Feature implementation
- `development/refactor.txt` - Refactoring tasks
- `development/testing.txt` - Test generation
**Memory Templates**:
- `memory/claude-module-unified.txt` - Module documentation
### Using Templates in RULES Field
```bash
# Single template
RULES: $(cat ~/.claude/workflows/cli-templates/prompts/analysis/pattern.txt) | Focus on security
# Multiple templates
RULES: $(cat template1.txt) $(cat template2.txt) | Enterprise standards
# No template
RULES: Focus on security patterns, include dependency analysis
```
⚠️ **CRITICAL**: Never use escape characters (`\$`, `\"`, `\'`) in CLI commands - breaks command substitution.
## Context Optimization
Use `cd [directory] &&` pattern to focus analysis and reduce irrelevant context:
```bash
# Focused analysis
cd src/auth && ~/.claude/scripts/qwen-wrapper -p "
PURPOSE: Analyze auth architecture
TASK: Review auth system design and patterns
MODE: analysis
CONTEXT: @{**/*}
EXPECTED: Architecture analysis report
RULES: Focus on modularity and security
"
```
**When to change directory**:
- Specific directory mentioned → Use `cd directory &&`
- Focused analysis needed → Target specific directory
- Multi-directory scope → Stay in root, use explicit paths
## Execution Configuration
### Timeout Allocation (Dynamic)
Based on task complexity:
- **Simple** (analysis, search): 20-40min (1200000-2400000ms)
- **Medium** (refactoring, docs): 40-60min (2400000-3600000ms)
- **Complex** (implementation): 60-120min (3600000-7200000ms)
Auto-detect from PURPOSE and TASK fields.
### Permission Framework
-**Analysis Mode (default)**: Auto-execute without confirmation
- ⚠️ **Write Mode**: Requires explicit user confirmation or MODE=write specification
- 🔒 **Write Protection**: Never modify codebase without explicit user instruction
## Examples
Production-ready examples organized by scenario type:
- **[Analysis Examples](analysis-examples.md)** - Compliance-focused analysis with SOC 2 mapping, performance optimization, and technical debt assessment
- **[Write Examples](write-examples.md)** - API documentation with OpenAPI specs and PCI DSS compliance documentation
- **[Advanced Workflows](advanced-workflows.md)** - Security audit → remediation → verification pipeline
- **[Template Examples](template-examples.md)** - Multi-template quality gates for production releases
Each example follows the Universal Template Structure with compliance and business context focus.
## Best Practices
### Analysis Phase
- Use analysis mode for all exploratory work
- Focus on specific directories with `cd` pattern
- Include relevant file patterns in CONTEXT
- Reference session memory for continuity
### Documentation Phase
- Always use write mode with `--approval-mode yolo`
- Get explicit user confirmation first
- Include source files in CONTEXT
- Follow project documentation standards
## Error Handling
**If timeout occurs**:
- Reduce CONTEXT scope
- Use more specific file patterns
- Split into smaller analysis tasks
**If context too large**:
- Use `cd` to focus on specific directory
- Narrow file patterns
- Analyze in phases
**If output incomplete**:
- Increase timeout allocation
- Simplify EXPECTED results
- Break into multiple commands

53
.claude/skills/qwen/advanced-workflows.md Normal file
View File

@@ -0,0 +1,53 @@
# Qwen Advanced Multi-Phase Workflows
> **📖 Template Structure**: See [Universal Template Structure](SKILL.md#universal-template-structure) in SKILL.md for detailed field guidelines.
## Security Audit → Remediation → Verification Workflow
This three-phase workflow demonstrates comprehensive security audit with remediation and verification.
### Phase 1: Security Analysis
```bash
cd src && ~/.claude/scripts/qwen-wrapper -p "
PURPOSE: Conduct comprehensive security audit for production hardening
TASK: Analyze security vulnerabilities: SQL injection, XSS, CSRF, authentication bypass, authorization flaws, sensitive data exposure, cryptographic weaknesses, dependency vulnerabilities, configuration issues
MODE: analysis
CONTEXT: @{**/*.ts,**/*.json,!**/node_modules/**,package.json,package-lock.json,.env.example} Web application with 100k users, handles PII and payment data, currently no WAF, uses Express 4.18, Helmet configured, CORS enabled
EXPECTED: Security audit report: 1) Executive Summary (risk score), 2) OWASP Top 10 assessment (mapped findings), 3) Dependency vulnerability scan (CVE list with CVSS), 4) Authentication/Authorization review, 5) Data protection analysis (encryption at rest/transit), 6) Input validation gaps, 7) Configuration hardening checklist, 8) Remediation plan (prioritized by CVSS score), 9) Estimated fix effort per issue
RULES: $(cat ~/.claude/workflows/cli-templates/prompts/analysis/security.txt) | Map all findings to OWASP Top 10 2021 | Include CVE references for dependencies | Check for hardcoded secrets (regex patterns) | Validate JWT implementation | Review CORS policy | Assess rate limiting coverage | Verify HTTPS enforcement | Check for information disclosure | Test for broken access control
"
```
### Phase 2: Documentation Generation (after remediation)
```bash
~/.claude/scripts/qwen-wrapper --approval-mode yolo -p "
PURPOSE: Document security controls for audit trail and team reference
TASK: Create security documentation based on Phase 1 findings and remediation actions
MODE: write
CONTEXT: Phase 1 audit identified: 3 high-priority issues (fixed), 7 medium issues (fixed), 12 low issues (backlog), implemented WAF with ModSecurity, added rate limiting, upgraded dependencies, enabled security headers
EXPECTED: Create SECURITY.md with sections: 1) Security Architecture Overview, 2) Threat Model, 3) Security Controls (preventive/detective/corrective), 4) Authentication & Authorization, 5) Data Protection, 6) API Security, 7) Dependency Management, 8) Incident Response Plan, 9) Security Checklist for Developers, 10) Audit Log. Include before/after comparisons for fixed issues.
RULES: Reference CWE IDs for all controls | Include mitigation strategies | Document security testing procedures | Add security review checklist for PRs | Reference OWASP ASVS controls | Include incident response runbook | Add security metrics for monitoring | Create security champion rotation schedule
"
```
### Phase 3: Verification (after documentation)
```bash
cd src && ~/.claude/scripts/qwen-wrapper -p "
PURPOSE: Verify security remediation completeness and control effectiveness
TASK: Review implemented security fixes against Phase 1 findings, validate controls are working as documented in Phase 2, identify any gaps or regressions
MODE: analysis
CONTEXT: @{**/*.ts,SECURITY.md,tests/security/**/*.test.ts} All high and medium issues marked as fixed, 15 new security tests added, dependency updates applied, WAF rules configured
EXPECTED: Verification report: 1) Fix validation (each Phase 1 issue reviewed), 2) Control effectiveness assessment, 3) Test coverage for security controls, 4) Regression check, 5) Documentation accuracy review, 6) Remaining risks and acceptance criteria, 7) Go/No-Go recommendation for production deployment
RULES: Validate each fix has corresponding test | Verify security headers in HTTP responses | Check WAF rules are active | Confirm rate limiting is enforced | Validate dependency versions match recommendations | Review security test coverage >80% | Confirm incident response contacts are current
"
```
### Key Points
- **Three-phase workflow**: Audit → Document → Verify
- **Context continuity**: Each phase references previous results
- **Comprehensive coverage**: From findings to fixes to verification
- **Production readiness**: Includes go/no-go decision

61
.claude/skills/qwen/analysis-examples.md Normal file
View File

@@ -0,0 +1,61 @@
# Qwen Analysis Mode Examples
> **📖 Template Structure**: See [Universal Template Structure](SKILL.md#universal-template-structure) in SKILL.md for detailed field guidelines.
All examples demonstrate read-only analysis mode with compliance-focused, security-aware prompt writing.
## Example 1: Architecture Analysis with Business Context
```bash
cd src/auth && ~/.claude/scripts/qwen-wrapper -p "
PURPOSE: Analyze authentication system to support SOC 2 compliance audit
TASK: Review authentication flow, authorization logic, session management, token handling, password policies, audit logging
MODE: analysis
CONTEXT: @{**/*.ts,**/*.json,!**/*.test.ts} System serves 50k daily active users, uses JWT with Redis session store, bcrypt for passwords
EXPECTED: Compliance-ready analysis including: 1) Authentication flow diagram, 2) Security control mapping (SOC 2 CC6.1), 3) Vulnerability assessment with CVSS scores, 4) Policy compliance report, 5) Audit logging coverage, 6) Remediation roadmap with deadlines
RULES: $(cat ~/.claude/workflows/cli-templates/prompts/analysis/architecture.txt) | Map to SOC 2 Trust Service Criteria | Follow OWASP ASVS v4.0 | Include penetration test recommendations | Verify GDPR data handling | Document all authentication events for audit trail
"
```
**Key Points**:
- **PURPOSE**: Include business driver (SOC 2 compliance)
- **CONTEXT**: Business metrics (50k DAU) + tech stack details
- **EXPECTED**: Numbered, specific deliverables with compliance mapping
- **RULES**: Multiple compliance frameworks + specific versions
## Example 2: Performance Optimization with Metrics
```bash
~/.claude/scripts/qwen-wrapper -p "
PURPOSE: Identify API performance bottlenecks to meet SLA requirements (<200ms p95)
TASK: Analyze request lifecycle: routing → middleware → controller → service → repository → database, measure each layer, identify slow queries, evaluate caching strategy, assess serialization overhead
MODE: analysis
CONTEXT: @{src/api/**/*.ts,src/services/**/*.ts,src/repositories/**/*.ts,src/middleware/**/*.ts} Current p95: 850ms, p99: 2.1s, 10k req/min peak, PostgreSQL 14, Redis 7, Node 20 LTS
EXPECTED: Performance optimization report: 1) Latency breakdown by layer (with percentiles), 2) Top 10 slow queries with execution plans, 3) N+1 query identification, 4) Caching opportunity analysis (hit rate projections), 5) Database index recommendations, 6) Implementation priority matrix (impact vs effort), 7) Expected performance gains per optimization
RULES: $(cat ~/.claude/workflows/cli-templates/prompts/analysis/pattern.txt) | Focus on p95 and p99 latency | Identify serialization bottlenecks | Evaluate connection pooling | Consider Redis cache warming | Analyze query plan costs | Include monitoring recommendations (APM integration) | Prioritize quick wins vs long-term improvements
"
```
**Key Points**:
- **TASK**: Detailed layer-by-layer analysis with measurement
- **CONTEXT**: Current metrics (p95, p99) + target SLA + tech versions
- **EXPECTED**: Quantifiable outputs (top 10, hit rates, gains)
- **RULES**: Performance-focused constraints with monitoring integration
## Example 3: Code Quality Assessment with Technical Debt
```bash
cd src && ~/.claude/scripts/qwen-wrapper -p "
PURPOSE: Assess technical debt to plan refactoring sprint
TASK: Analyze code quality metrics: cyclomatic complexity, code duplication, test coverage, type safety, documentation completeness, pattern consistency, dependency coupling
MODE: analysis
CONTEXT: @{**/*.ts,!**/node_modules/**,!**/*.test.ts,tsconfig.json,jest.config.js,CLAUDE.md} Codebase: 80k LOC, 12 months old, 6 developers, TypeScript 5.2, strict mode enabled, current test coverage 45%
EXPECTED: Technical debt assessment: 1) Complexity hotspots (files >10 cyclomatic complexity), 2) Duplication report (>5% threshold), 3) Coverage gaps by module, 4) Type safety violations, 5) Documentation score, 6) Dependency coupling matrix, 7) Refactoring backlog prioritized by maintainability impact, 8) Sprint plan (2-week capacity) with effort estimates in story points
RULES: $(cat ~/.claude/workflows/cli-templates/prompts/analysis/quality.txt) | Use standard complexity thresholds (>10 high, >20 critical) | Identify copy-paste code blocks | Flag any 'any' types | Check JSDoc coverage for public APIs | Detect circular dependencies | Calculate technical debt in developer-days | Recommend ESLint rule additions | Include CI/CD quality gate suggestions
"
```
**Key Points**:
- **CONTEXT**: Team context (6 devs, 12 months) + current metrics (45% coverage)
- **EXPECTED**: Sprint-ready backlog with effort estimates (story points)
- **RULES**: Specific thresholds + quantifiable debt + tooling recommendations

45
.claude/skills/qwen/template-examples.md Normal file
View File

@@ -0,0 +1,45 @@
# Qwen Template Usage Examples
> **📖 Template Structure**: See [Universal Template Structure](SKILL.md#universal-template-structure) in SKILL.md for detailed field guidelines.
## Multi-Template Quality & Security Review
This example demonstrates combining multiple templates for comprehensive pre-release audit.
```bash
~/.claude/scripts/qwen-wrapper -p "
PURPOSE: Pre-release quality gate combining security, performance, and maintainability checks
TASK: Execute comprehensive review across: security vulnerabilities, code quality metrics, performance bottlenecks, pattern consistency, test coverage, documentation completeness
MODE: analysis
CONTEXT: @{src/**/*,!**/node_modules/**,tests/**/*,docs/**/*,CLAUDE.md,package.json,tsconfig.json} Release v3.0 scheduled in 1 week, 6-month development cycle, 10 developers, 120k LOC added/changed, current test coverage 72%, no security audit since v2.5 (6 months ago)
EXPECTED: Consolidated release readiness report: 1) Executive Summary (Go/No-Go with rationale), 2) Security Assessment (OWASP Top 10 coverage, dependency CVEs, CVSS scores), 3) Performance Benchmarks (vs v2.5 baseline, latency p50/p95/p99), 4) Code Quality Metrics (complexity hotspots, duplication %, type safety score), 5) Test Coverage Analysis (per module, gaps in critical paths), 6) Documentation Review (API docs, runbooks, migration guides), 7) Breaking Changes Assessment (semver compliance), 8) Rollback Plan, 9) Post-release Monitoring Strategy, 10) Release Blocker Issues (prioritized action items)
RULES: $(cat ~/.claude/workflows/cli-templates/prompts/analysis/security.txt) $(cat ~/.claude/workflows/cli-templates/prompts/analysis/quality.txt) $(cat ~/.claude/workflows/cli-templates/prompts/analysis/pattern.txt) | Block release if any CVSS >7.0 unpatched | Require >70% test coverage for new code | Flag complexity >15 as blocker | Verify all breaking changes are documented | Check migration guide completeness | Validate rollback tested in staging | Ensure monitoring dashboards updated | Confirm on-call runbooks current | Assess blast radius for failures | Include load test results vs capacity plan
"
```
## Key Points
- **Three templates combined**: Security + Quality + Pattern analysis
- **Release context**: Timeline (1 week), team size, scope (120k LOC)
- **Decision-oriented**: Go/No-Go recommendation with criteria
- **RULES as quality gate**: Specific blocking criteria + verification steps
## Template Combinations
### Security + Architecture + Compliance
```bash
RULES: $(cat ~/.claude/workflows/cli-templates/prompts/analysis/security.txt) $(cat ~/.claude/workflows/cli-templates/prompts/analysis/architecture.txt) | Map to SOC 2 controls | Include threat modeling | Document compliance evidence
```
### Quality + Pattern + Maintainability
```bash
RULES: $(cat ~/.claude/workflows/cli-templates/prompts/analysis/quality.txt) $(cat ~/.claude/workflows/cli-templates/prompts/analysis/pattern.txt) | Calculate technical debt | Assess refactoring ROI | Include maintainability index
```
### Migration Planning Template
```bash
RULES: $(cat ~/.claude/workflows/cli-templates/prompts/analysis/architecture.txt) | Zero-downtime requirement | Feature flag strategy | Rollback plan | Performance comparison | Risk assessment matrix
```

41
.claude/skills/qwen/write-examples.md Normal file
View File

@@ -0,0 +1,41 @@
# Qwen Write Mode Examples
> **📖 Template Structure**: See [Universal Template Structure](SKILL.md#universal-template-structure) in SKILL.md for detailed field guidelines.
All examples demonstrate write mode with compliance-focused documentation generation.
## Example 1: API Documentation with OpenAPI Spec
```bash
~/.claude/scripts/qwen-wrapper --approval-mode yolo -p "
PURPOSE: Generate production-ready API documentation for partner integration
TASK: Document all public API endpoints: authentication flow, user management, data access, webhooks, including request/response schemas, error codes, rate limits, pagination, versioning
MODE: write
CONTEXT: @{src/api/**/*.ts,src/controllers/**/*.ts,src/validators/**/*.ts,src/middleware/auth.ts,src/middleware/rateLimit.ts} API v2.1, OAuth 2.0 + API keys, rate limit 1000/hour per key, pagination max 100 items, webhook retry 3 times with exponential backoff
EXPECTED: Generate two files: 1) API_REFERENCE.md with sections (Authentication, Endpoints by resource, Webhooks, Error Handling, Rate Limits, Pagination, Versioning, SDKs), include curl/JavaScript/Python examples for each endpoint; 2) openapi.yaml (OpenAPI 3.1 spec) for automated tooling
RULES: Follow OpenAPI 3.1 specification exactly | Use markdown tables for parameter documentation | Include all HTTP status codes with examples | Document rate limit headers (X-RateLimit-*) | Provide webhook signature verification examples | Add troubleshooting section for common errors | Reference RFC 6749 for OAuth | Include Postman collection generation instructions
"
```
**Key Points**:
- **--approval-mode yolo**: Required for write mode
- **EXPECTED**: Two output files with specific formats (MD + YAML)
- **RULES**: Specification compliance + examples in multiple languages + troubleshooting
## Example 2: Module Documentation with Architecture Diagrams
```bash
cd src/payment && ~/.claude/scripts/qwen-wrapper --approval-mode yolo -p "
PURPOSE: Document payment module for PCI DSS compliance audit and team onboarding
TASK: Create comprehensive documentation covering: payment flow, provider integration (Stripe, PayPal), retry logic, idempotency, reconciliation, refund handling, webhook processing, failure scenarios
MODE: write
CONTEXT: @{**/*.ts,../models/**/*.ts,../services/**/*.ts,../../config/payment.json} Processes $2M monthly, supports 3 providers, handles 50k transactions/month, uses Stripe SDK v11, implements at-least-once delivery, stores payment tokens in HashiCorp Vault
EXPECTED: Create PAYMENT_MODULE.md with sections: 1) Executive Summary (purpose, metrics), 2) Architecture Overview (with Mermaid diagram), 3) Payment Flow (sequence diagram for happy path), 4) Provider Integration (per-provider details), 5) Idempotency Strategy, 6) Error Handling & Retries, 7) Reconciliation Process, 8) Security & PCI Compliance, 9) Monitoring & Alerting, 10) Runbooks (common operations), 11) Testing Strategy, 12) API Reference. Include code examples for critical paths.
RULES: $(cat ~/.claude/workflows/cli-templates/prompts/memory/claude-module-unified.txt) | Include PCI DSS scope documentation | Document all failure scenarios with recovery procedures | Add Mermaid sequence diagrams for complex flows | Reference Stripe best practices | Include rate limiting for provider APIs | Document vault token lifecycle | Add metric definitions for monitoring | Create decision tree for refund handling | Include disaster recovery procedures
"
```
**Key Points**:
- **CONTEXT**: Business metrics ($2M, 50k txns) + security tooling (Vault)
- **EXPECTED**: Single comprehensive file with 12 sections + diagrams + code
- **RULES**: Compliance focus + diagrams + operational runbooks