Claude-Code-Workflow/.claude/workflows/cli-templates/schemas/review-deep-dive-results-schema.json

{
  "$schema": "http://json-schema.org/draft-07/schema#",
  "title": "Review Deep-Dive Results Schema",
  "description": "Output schema for cli-explore-agent deep-dive iteration analysis. Contains root cause analysis, remediation plan, and impact assessment for critical findings.",
  "type": "object",
  "required": [
    "finding_id",
    "original_dimension",
    "iteration",
    "analysis_timestamp",
    "cli_tool_used",
    "root_cause",
    "remediation_plan",
    "impact_assessment",
    "reassessed_severity",
    "confidence_score",
    "status"
  ],
  "properties": {
    "finding_id": {
      "type": "string",
      "description": "Original finding ID from dimension analysis",
      "example": "sec-001-a1b2c3d4"
    },
    "original_dimension": {
      "type": "string",
      "enum": ["security", "architecture", "quality", "action-items", "performance", "maintainability", "best-practices"],
      "description": "Dimension where finding was originally discovered"
    },
    "iteration": {
      "type": "integer",
      "minimum": 1,
      "description": "Deep-dive iteration number"
    },
    "analysis_timestamp": {
      "type": "string",
      "format": "date-time",
      "description": "ISO8601 timestamp when deep-dive completed"
    },
    "cli_tool_used": {
      "type": "string",
      "enum": ["gemini", "qwen", "codex"],
      "description": "CLI tool used for deep-dive analysis"
    },
    "root_cause": {
      "type": "object",
      "required": ["summary", "details", "affected_scope"],
      "properties": {
        "summary": {
          "type": "string",
          "description": "One-sentence root cause summary"
        },
        "details": {
          "type": "string",
          "description": "Detailed explanation with history and context"
        },
        "affected_scope": {
          "type": "string",
          "description": "Full scope of affected code"
        },
        "similar_patterns": {
          "type": "array",
          "items": {
            "type": "string"
          },
          "description": "List of file:function where similar issue exists"
        }
      }
    },
    "remediation_plan": {
      "type": "object",
      "required": ["approach", "priority", "estimated_effort", "risk_level", "steps"],
      "properties": {
        "approach": {
          "type": "string",
          "description": "High-level fix strategy"
        },
        "priority": {
          "type": "string",
          "pattern": "^P[0-2] - ",
          "description": "Priority level with severity label",
          "examples": ["P0 - Critical (security vulnerability)", "P1 - High (performance bottleneck)"]
        },
        "estimated_effort": {
          "type": "string",
          "description": "Estimated time for development and testing",
          "example": "4 hours development + 2 hours testing"
        },
        "risk_level": {
          "type": "string",
          "enum": ["low", "medium", "high"],
          "description": "Risk level of implementing the fix"
        },
        "steps": {
          "type": "array",
          "minItems": 1,
          "items": {
            "type": "object",
            "required": ["step", "action", "files", "commands", "rationale", "validation"],
            "properties": {
              "step": {
                "type": "integer",
                "minimum": 1,
                "description": "Step sequence number"
              },
              "action": {
                "type": "string",
                "description": "What to do in this step"
              },
              "files": {
                "type": "array",
                "items": {
                  "type": "string"
                },
                "description": "Files to modify with function:lines format",
                "examples": ["src/database/query-builder.ts:buildUserQuery:140-150"]
              },
              "commands": {
                "type": "array",
                "items": {
                  "type": "string"
                },
                "description": "Specific code changes or commands to execute"
              },
              "rationale": {
                "type": "string",
                "description": "Why this step is needed"
              },
              "validation": {
                "type": "string",
                "description": "How to verify step completion (test command)",
                "example": "Run: npm test -- src/database/query-builder.test.ts"
              }
            }
          }
        },
        "rollback_strategy": {
          "type": "string",
          "description": "How to safely revert changes if needed"
        }
      }
    },
    "impact_assessment": {
      "type": "object",
      "required": ["files_affected", "tests_required", "breaking_changes"],
      "properties": {
        "files_affected": {
          "type": "array",
          "items": {
            "type": "string"
          },
          "description": "Files affected with action type",
          "examples": ["src/database/query-builder.ts (modify)", "src/database/validators.ts (new)"]
        },
        "tests_required": {
          "type": "array",
          "items": {
            "type": "string"
          },
          "description": "Test files required with action type",
          "examples": ["src/database/query-builder.test.ts (update existing)", "src/database/validators.test.ts (new)"]
        },
        "breaking_changes": {
          "type": "boolean",
          "description": "Whether this fix introduces breaking changes"
        },
        "dependencies_updated": {
          "type": "array",
          "items": {
            "type": "string"
          },
          "description": "Dependencies that need updating",
          "examples": ["knex@2.5.1 (ORM library)"]
        },
        "deployment_notes": {
          "type": "string",
          "description": "Special deployment considerations"
        }
      }
    },
    "reassessed_severity": {
      "type": "string",
      "enum": ["critical", "high", "medium", "low"],
      "description": "Updated severity after deep analysis"
    },
    "severity_change_reason": {
      "type": "string",
      "description": "Justification for severity change (or 'No change')"
    },
    "confidence_score": {
      "type": "number",
      "minimum": 0.0,
      "maximum": 1.0,
      "description": "Confidence level of analysis (0.0-1.0)"
    },
    "references": {
      "type": "array",
      "items": {
        "type": "string"
      },
      "description": "Project-specific and external documentation references"
    },
    "status": {
      "type": "string",
      "enum": ["remediation_plan_ready", "resolved"],
      "description": "Status after deep-dive analysis"
    }
  },
  "examples": [
    {
      "finding_id": "sec-001-a1b2c3d4",
      "original_dimension": "security",
      "iteration": 1,
      "analysis_timestamp": "2025-01-25T14:40:15Z",
      "cli_tool_used": "gemini",
      "root_cause": {
        "summary": "Legacy code from v1 migration, pre-ORM implementation",
        "details": "Query builder was ported from old codebase without security review. Team unaware of injection risks in string concatenation pattern. Code review at migration time focused on functionality, not security.",
        "affected_scope": "All query-builder.ts methods using string template literals (15 methods total)",
        "similar_patterns": [
          "src/database/user-queries.ts:buildEmailQuery",
          "src/database/order-queries.ts:buildOrderSearch"
        ]
      },
      "remediation_plan": {
        "approach": "Migrate to ORM prepared statements with input validation layer",
        "priority": "P0 - Critical (security vulnerability)",
        "estimated_effort": "4 hours development + 2 hours testing",
        "risk_level": "low",
        "steps": [
          {
            "step": 1,
            "action": "Replace direct string concatenation with ORM query builder",
            "files": ["src/database/query-builder.ts:buildUserQuery:140-150"],
            "commands": [
              "Replace: const query = `SELECT * FROM users WHERE id = ${userId}`;",
              "With: return db('users').where('id', userId).first();"
            ],
            "rationale": "ORM automatically parameterizes queries, eliminating injection risk",
            "validation": "Run: npm test -- src/database/query-builder.test.ts"
          },
          {
            "step": 2,
            "action": "Add input validation layer before ORM",
            "files": ["src/database/validators.ts:validateUserId:NEW"],
            "commands": [
              "Create validator: export function validateUserId(id: unknown): number { ... }",
              "Add schema: z.number().positive().int()"
            ],
            "rationale": "Defense in depth - validate types and ranges before database layer",
            "validation": "Run: npm test -- src/database/validators.test.ts"
          },
          {
            "step": 3,
            "action": "Apply pattern to all 15 similar methods",
            "files": ["src/database/query-builder.ts:ALL_METHODS"],
            "commands": ["Bulk replace string templates with ORM syntax"],
            "rationale": "Prevent similar vulnerabilities in other query methods",
            "validation": "Run: npm test -- src/database/"
          }
        ],
        "rollback_strategy": "Git commit before each step, revert if tests fail. Staged rollout: dev → staging → production with monitoring."
      },
      "impact_assessment": {
        "files_affected": [
          "src/database/query-builder.ts (modify)",
          "src/database/validators.ts (new)",
          "src/database/user-queries.ts (modify)",
          "src/database/order-queries.ts (modify)"
        ],
        "tests_required": [
          "src/database/query-builder.test.ts (update existing)",
          "src/database/validators.test.ts (new)",
          "integration/security/sql-injection.test.ts (new)"
        ],
        "breaking_changes": false,
        "dependencies_updated": ["knex@2.5.1 (ORM library)"],
        "deployment_notes": "No downtime required. Database migrations not needed."
      },
      "reassessed_severity": "high",
      "severity_change_reason": "Found existing WAF rules partially mitigate risk in production. Input validation at API gateway layer provides additional defense. Downgrade from critical to high, but still requires immediate fix.",
      "confidence_score": 0.95,
      "references": [
        "Project ORM migration guide: docs/architecture/orm-guide.md",
        "Knex.js parameterization: https://knexjs.org/guide/query-builder.html#where",
        "Similar incident: TICKET-1234 (previous SQL injection fix)"
      ],
      "status": "remediation_plan_ready"
    }
  ]
}