agent-bot/takt
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

resolved #45

Browse Source
This commit is contained in:
nrslib 2026-01-31 09:40:36 +09:00
parent 2cfe77977c
commit 6468fa6345
5 changed files with 1065 additions and 1410 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

238
resources/global/en/workflows/expert-cqrs.yaml
View File

@ -2,13 +2,12 @@
# Review workflow with CQRS+ES, Frontend, Security, and QA experts
#
# Flow:
# plan -> implement -> ai_review -> cqrs_es_review -> frontend_review -> security_review -> qa_review -> supervise -> COMPLETE
# ↓ ↓ ↓ ↓ ↓ ↓
# ai_fix fix_cqrs_es fix_frontend fix_security fix_qa fix_supervisor
#
# Fix destination is determined by Coder based on change impact:
# - fix_security: MINOR->security_review, MAJOR->cqrs_es_review
# - fix_qa: MINOR->qa_review, SECURITY->security_review, MAJOR->cqrs_es_review
# plan -> implement -> ai_review -> reviewers (parallel) -> supervise -> COMPLETE
# ↓ ├─ cqrs-es-review ↓
# ai_fix ├─ frontend-review fix_supervisor
# ├─ security-review
# └─ qa-review
# any("needs_fix") → fix → reviewers
#
# Template Variables:
# {iteration} - Workflow-wide turn count (total steps executed across all agents)
@ -190,7 +189,7 @@ steps:
- Scope creep detection
rules:
- condition: No AI-specific issues found
next: cqrs_es_review
next: reviewers
- condition: AI-specific issues detected
next: ai_fix
@ -224,9 +223,11 @@ steps:
next: plan
# ===========================================
# Phase 3: CQRS+ES Review
# Phase 3: Expert Reviews (Parallel)
# ===========================================
- name: cqrs_es_review
- name: reviewers
parallel:
- name: cqrs-es-review
edit: false
agent: ../agents/expert-cqrs/cqrs-es-reviewer.md
report:
@ -261,9 +262,12 @@ steps:
- Write
- WebSearch
- WebFetch
rules:
- condition: approved
- condition: needs_fix
instruction_template: |
Review the changes above from the CQRS (Command Query Responsibility Segregation)
and Event Sourcing perspective.
Review the changes from the CQRS (Command Query Responsibility Segregation)
and Event Sourcing perspective. Do NOT review AI-specific issues (that's the ai_review step).
**Review Criteria:**
- Aggregate design validity
@ -274,47 +278,8 @@ steps:
**Note**: If this project does not use CQRS+ES patterns,
review from a general domain design perspective.
rules:
- condition: CQRS+ES design is sound with no issues
next: frontend_review
- condition: CQRS+ES design issues found
next: fix_cqrs_es
- name: fix_cqrs_es
edit: true
agent: ../agents/default/coder.md
allowed_tools:
- Read
- Glob
- Grep
- Edit
- Write
- Bash
- WebSearch
- WebFetch
instruction_template: |
## CQRS+ES Review Feedback (This is the latest instruction - prioritize this)
{previous_response}
**Important**: Fix the issues pointed out by the CQRS+ES expert.
Areas of concern:
- Aggregate design
- Event design
- Command/Query separation
- Projections
- Eventual consistency
pass_previous_response: true
rules:
- condition: CQRS+ES issues have been fixed
next: cqrs_es_review
- condition: Unable to proceed with fixes
next: plan
# ===========================================
# Phase 4: Frontend Review
# ===========================================
- name: frontend_review
- name: frontend-review
edit: false
agent: ../agents/expert/frontend-reviewer.md
report:
@ -349,8 +314,11 @@ steps:
- Write
- WebSearch
- WebFetch
rules:
- condition: approved
- condition: needs_fix
instruction_template: |
Review the changes above from the frontend development perspective.
Review the changes from the frontend development perspective.
**Review Criteria:**
- Component design (separation of concerns, granularity)
@ -362,47 +330,8 @@ steps:
**Note**: If this project does not include frontend code,
approve and proceed to the next step.
rules:
- condition: Frontend design is sound with no issues
next: security_review
- condition: Frontend design issues found
next: fix_frontend
- name: fix_frontend
edit: true
agent: ../agents/default/coder.md
allowed_tools:
- Read
- Glob
- Grep
- Edit
- Write
- Bash
- WebSearch
- WebFetch
instruction_template: |
## Frontend Review Feedback (This is the latest instruction - prioritize this)
{previous_response}
**Important**: Fix the issues pointed out by the frontend expert.
Areas of concern:
- Component design
- State management
- Performance
- Accessibility
- Type safety
pass_previous_response: true
rules:
- condition: Frontend issues have been fixed
next: frontend_review
- condition: Unable to proceed with fixes
next: plan
# ===========================================
# Phase 5: Security Review
# ===========================================
- name: security_review
- name: security-review
edit: false
agent: ../agents/expert/security-reviewer.md
report:
@ -431,6 +360,11 @@ steps:
## Warnings (non-blocking)
- {Security recommendations}
```
**Cognitive load reduction rules:**
- No issues -> Check table only (10 lines or less)
- Warnings -> + Warnings 1-2 lines (15 lines or less)
- Vulnerabilities -> + Table format (30 lines or less)
allowed_tools:
- Read
- Glob
@ -438,66 +372,17 @@ steps:
- Write
- WebSearch
- WebFetch
instruction_template: |
Review the changes above from the security perspective.
**Review Criteria:**
- Injection attacks (SQL, command, XSS)
- Authentication/authorization flaws
- Sensitive information handling
- Encryption appropriateness
- OWASP Top 10
rules:
- condition: No security issues found
next: qa_review
- condition: Security vulnerabilities detected
next: fix_security
- name: fix_security
edit: true
agent: ../agents/default/coder.md
allowed_tools:
- Read
- Glob
- Grep
- Edit
- Write
- Bash
- WebSearch
- WebFetch
- condition: approved
- condition: needs_fix
instruction_template: |
## Security Review Feedback (This is the latest instruction - prioritize this)
{previous_response}
Perform security review on the changes. Check for vulnerabilities including:
- Injection attacks (SQL, Command, XSS)
- Authentication/Authorization issues
- Data exposure risks
- Cryptographic weaknesses
**Important**: Fix the issues pointed out by the security expert.
Security issues should be addressed with highest priority.
Areas of concern:
- Injection vulnerabilities
- Authentication/authorization flaws
- Sensitive information exposure
- Encryption issues
## Completion: Determine Change Impact
When fix is complete, judge the **impact scope of changes**:
- Minor fix (re-run security review only)
- Examples: Add validation, add escaping, configuration changes
- Major fix (restart from CQRS+ES review)
- Examples: Data flow changes, API design changes, auth method changes, domain model changes
pass_previous_response: true
rules:
- condition: Minor security fix is complete
next: security_review
- condition: Major fix applied requiring CQRS+ES re-review
next: cqrs_es_review
- condition: Unable to proceed with fixes
next: plan
# ===========================================
# Phase 6: QA Review
# ===========================================
- name: qa_review
- name: qa-review
edit: false
agent: ../agents/expert/qa-reviewer.md
report:
@ -532,8 +417,11 @@ steps:
- Write
- WebSearch
- WebFetch
rules:
- condition: approved
- condition: needs_fix
instruction_template: |
Review the changes above from the quality assurance perspective.
Review the changes from the quality assurance perspective.
**Review Criteria:**
- Test coverage and quality
@ -543,12 +431,12 @@ steps:
- Logging and monitoring
- Maintainability
rules:
- condition: Quality standards are met
- condition: all("approved")
next: supervise
- condition: Quality issues found
next: fix_qa
- condition: any("needs_fix")
next: fix
- name: fix_qa
- name: fix
edit: true
agent: ../agents/default/coder.md
allowed_tools:
@ -560,41 +448,23 @@ steps:
- Bash
- WebSearch
- WebFetch
permission_mode: acceptEdits
rules:
- condition: Fix complete
next: reviewers
- condition: Cannot proceed, insufficient info
next: plan
instruction_template: |
## QA Review Feedback (This is the latest instruction - prioritize this)
## Review Feedback (This is the latest instruction - prioritize this)
{previous_response}
**Important**: Fix the issues pointed out by the QA expert.
Areas of concern:
- Adding/improving tests
- Adding/fixing documentation
- Error handling
- Log output
- Code quality
## Completion: Determine Change Impact
When fix is complete, judge the **impact scope of changes**:
- Minor fix (re-run QA review only)
- Examples: Add tests, add documentation, add logs, add comments
- Security-impacting fix (restart from security review)
- Examples: Error handling changes (error message content changes), input validation changes
- Major fix (restart from CQRS+ES review)
- Examples: Business logic changes, data model changes, API changes
**Important**: Address the feedback from the reviewers.
The "Original User Request" is reference information, not the latest instruction.
Review the session conversation history and fix the issues raised by the reviewers.
pass_previous_response: true
rules:
- condition: Minor QA fix is complete
next: qa_review
- condition: Security-impacting fix applied
next: security_review
- condition: Major fix applied requiring CQRS+ES re-review
next: cqrs_es_review
- condition: Unable to proceed with fixes
next: plan
# ===========================================
# Phase 7: Supervision
# Phase 4: Supervision
# ===========================================
- name: supervise
edit: false

230
resources/global/en/workflows/expert.yaml
View File

@ -2,17 +2,16 @@
# Review workflow with Architecture, Frontend, Security, and QA experts
#
# Flow:
# plan -> implement -> ai_review -> architect_review -> frontend_review -> security_review -> qa_review -> supervise -> COMPLETE
# ↓ ↓ ↓ ↓ ↓ ↓ ↓
# ai_fix fix_architect fix_frontend fix_security fix_qa fix_supervisor
# plan -> implement -> ai_review -> reviewers (parallel) -> supervise -> COMPLETE
# ↓ ├─ arch-review ↓
# ai_fix ├─ frontend-review fix_supervisor
# ├─ security-review
# └─ qa-review
# any("needs_fix") → fix → reviewers
#
# AI review runs immediately after implementation to catch AI-specific issues early,
# before expert reviews begin.
#
# Fix destination is determined by Coder based on change impact:
# - fix_security: MINOR->security_review, MAJOR->architect_review
# - fix_qa: MINOR->qa_review, SECURITY->security_review, MAJOR->architect_review
#
# Boilerplate sections (Workflow Context, User Request, Previous Response,
# Additional User Inputs, Instructions heading) are auto-injected by buildInstruction().
# Only step-specific content belongs in instruction_template.
@ -202,7 +201,7 @@ steps:
- Scope creep detection
rules:
- condition: No AI-specific issues found
next: architect_review
next: reviewers
- condition: AI-specific issues detected
next: ai_fix
@ -236,9 +235,11 @@ steps:
next: plan
# ===========================================
# Phase 3: Architecture Review
# Phase 3: Expert Reviews (Parallel)
# ===========================================
- name: architect_review
- name: reviewers
parallel:
- name: arch-review
edit: false
agent: ../agents/default/architecture-reviewer.md
report:
@ -280,8 +281,11 @@ steps:
- Write
- WebSearch
- WebFetch
rules:
- condition: approved
- condition: needs_fix
instruction_template: |
Focus on **architecture and design** review.
Focus on **architecture and design** review. Do NOT review AI-specific issues (that's the ai_review step).
**Review Criteria:**
- Structure/design validity
@ -290,45 +294,8 @@ steps:
- Test coverage
- Dead code
- Call chain verification
rules:
- condition: No architecture or design issues found
next: frontend_review
- condition: Minor improvements needed but no structural issues
next: fix_architect
- condition: Structural issues found that require fixes
next: fix_architect
- name: fix_architect
edit: true
agent: ../agents/default/coder.md
allowed_tools:
- Read
- Glob
- Grep
- Edit
- Write
- Bash
- WebSearch
- WebFetch
permission_mode: acceptEdits
instruction_template: |
## Architect Feedback (This is the latest instruction - prioritize this)
{previous_response}
**Important**: Address the Architect's feedback.
"Original User Request" is for reference; it's not the latest instruction.
Review the session conversation history and fix the Architect's issues.
pass_previous_response: true
rules:
- condition: Architect's issues have been fixed
next: architect_review
- condition: Unable to proceed with fixes
next: plan
# ===========================================
# Phase 4: Frontend Review
# ===========================================
- name: frontend_review
- name: frontend-review
edit: false
agent: ../agents/expert/frontend-reviewer.md
report:
@ -363,6 +330,9 @@ steps:
- Write
- WebSearch
- WebFetch
rules:
- condition: approved
- condition: needs_fix
instruction_template: |
Review the changes from the frontend development perspective.
@ -376,47 +346,8 @@ steps:
**Note**: If this project does not include frontend code,
approve and proceed to the next step.
rules:
- condition: Frontend design is sound with no issues
next: security_review
- condition: Frontend design issues found
next: fix_frontend
- name: fix_frontend
edit: true
agent: ../agents/default/coder.md
allowed_tools:
- Read
- Glob
- Grep
- Edit
- Write
- Bash
- WebSearch
- WebFetch
instruction_template: |
## Frontend Review Feedback (This is the latest instruction - prioritize this)
{previous_response}
**Important**: Fix the issues pointed out by the frontend expert.
Areas of concern:
- Component design
- State management
- Performance
- Accessibility
- Type safety
pass_previous_response: true
rules:
- condition: Frontend issues have been fixed
next: frontend_review
- condition: Unable to proceed with fixes
next: plan
# ===========================================
# Phase 5: Security Review
# ===========================================
- name: security_review
- name: security-review
edit: false
agent: ../agents/expert/security-reviewer.md
report:
@ -445,6 +376,11 @@ steps:
## Warnings (non-blocking)
- {Security recommendations}
```
**Cognitive load reduction rules:**
- No issues -> Check table only (10 lines or less)
- Warnings -> + Warnings 1-2 lines (15 lines or less)
- Vulnerabilities -> + Table format (30 lines or less)
allowed_tools:
- Read
- Glob
@ -452,66 +388,17 @@ steps:
- Write
- WebSearch
- WebFetch
instruction_template: |
Review the changes from the security perspective.
**Review Criteria:**
- Injection attacks (SQL, command, XSS)
- Authentication/authorization flaws
- Sensitive information handling
- Encryption appropriateness
- OWASP Top 10
rules:
- condition: No security issues found
next: qa_review
- condition: Security vulnerabilities detected
next: fix_security
- name: fix_security
edit: true
agent: ../agents/default/coder.md
allowed_tools:
- Read
- Glob
- Grep
- Edit
- Write
- Bash
- WebSearch
- WebFetch
- condition: approved
- condition: needs_fix
instruction_template: |
## Security Review Feedback (This is the latest instruction - prioritize this)
{previous_response}
Perform security review on the changes. Check for vulnerabilities including:
- Injection attacks (SQL, Command, XSS)
- Authentication/Authorization issues
- Data exposure risks
- Cryptographic weaknesses
**Important**: Fix the issues pointed out by the security expert.
Security issues should be addressed with highest priority.
Areas of concern:
- Injection vulnerabilities
- Authentication/authorization flaws
- Sensitive information exposure
- Encryption issues
## Completion: Determine Change Impact
When fix is complete, judge the **impact scope of changes**:
- Minor fix (re-run security review only)
- Examples: Add validation, add escaping, configuration changes
- Major fix (restart from Architecture review)
- Examples: Data flow changes, API design changes, auth method changes, domain model changes
pass_previous_response: true
rules:
- condition: Minor security fix is complete
next: security_review
- condition: Major fix applied requiring architecture re-review
next: architect_review
- condition: Unable to proceed with fixes
next: plan
# ===========================================
# Phase 6: QA Review
# ===========================================
- name: qa_review
- name: qa-review
edit: false
agent: ../agents/expert/qa-reviewer.md
report:
@ -546,6 +433,9 @@ steps:
- Write
- WebSearch
- WebFetch
rules:
- condition: approved
- condition: needs_fix
instruction_template: |
Review the changes from the quality assurance perspective.
@ -557,12 +447,12 @@ steps:
- Logging and monitoring
- Maintainability
rules:
- condition: Quality standards are met
- condition: all("approved")
next: supervise
- condition: Quality issues found
next: fix_qa
- condition: any("needs_fix")
next: fix
- name: fix_qa
- name: fix
edit: true
agent: ../agents/default/coder.md
allowed_tools:
@ -574,41 +464,23 @@ steps:
- Bash
- WebSearch
- WebFetch
permission_mode: acceptEdits
rules:
- condition: Fix complete
next: reviewers
- condition: Cannot proceed, insufficient info
next: plan
instruction_template: |
## QA Review Feedback (This is the latest instruction - prioritize this)
## Review Feedback (This is the latest instruction - prioritize this)
{previous_response}
**Important**: Fix the issues pointed out by the QA expert.
Areas of concern:
- Adding/improving tests
- Adding/fixing documentation
- Error handling
- Log output
- Code quality
## Completion: Determine Change Impact
When fix is complete, judge the **impact scope of changes**:
- Minor fix (re-run QA review only)
- Examples: Add tests, add documentation, add logs, add comments
- Security-impacting fix (restart from security review)
- Examples: Error handling changes (error message content changes), input validation changes
- Major fix (restart from Architecture review)
- Examples: Business logic changes, data model changes, API changes
**Important**: Address the feedback from the reviewers.
The "Original User Request" is reference information, not the latest instruction.
Review the session conversation history and fix the issues raised by the reviewers.
pass_previous_response: true
rules:
- condition: Minor QA fix is complete
next: qa_review
- condition: Security-impacting fix applied
next: security_review
- condition: Major fix applied requiring architecture re-review
next: architect_review
- condition: Unable to proceed with fixes
next: plan
# ===========================================
# Phase 7: Supervision
# Phase 4: Supervision
# ===========================================
- name: supervise
edit: false

236
resources/global/ja/workflows/expert-cqrs.yaml
View File

@ -2,13 +2,12 @@
# CQRS+ES、フロントエンド、セキュリティ、QAの専門家によるレビューワークフロー
#
# フロー:
# plan -> implement -> ai_review -> cqrs_es_review -> frontend_review -> security_review -> qa_review -> supervise -> COMPLETE
# ↓ ↓ ↓ ↓ ↓ ↓
# ai_fix fix_cqrs_es fix_frontend fix_security fix_qa fix_supervisor
#
# 修正時の戻り先はCoderが判断:
# - fix_security: MINOR→security_review, MAJOR→cqrs_es_review
# - fix_qa: MINOR→qa_review, SECURITY→security_review, MAJOR→cqrs_es_review
# plan -> implement -> ai_review -> reviewers (parallel) -> supervise -> COMPLETE
# ↓ ├─ cqrs-es-review ↓
# ai_fix ├─ frontend-review fix_supervisor
# ├─ security-review
# └─ qa-review
# any("needs_fix") → fix → reviewers
#
# ボイラープレートセクションWorkflow Context, User Request, Previous Response,
# Additional User Inputs, Instructions headingはbuildInstruction()が自動挿入。
@ -199,7 +198,7 @@ steps:
- スコープクリープの検出
rules:
- condition: AI特有の問題が見つからない
next: cqrs_es_review
next: reviewers
- condition: AI特有の問題が検出された
next: ai_fix
@ -233,9 +232,11 @@ steps:
next: plan
# ===========================================
# Phase 3: CQRS+ES Review
# Phase 3: Expert Reviews (Parallel)
# ===========================================
- name: cqrs_es_review
- name: reviewers
parallel:
- name: cqrs-es-review
edit: false
agent: ../agents/expert-cqrs/cqrs-es-reviewer.md
report:
@ -270,9 +271,12 @@ steps:
- Write
- WebSearch
- WebFetch
rules:
- condition: approved
- condition: needs_fix
instruction_template: |
CQRSコマンドクエリ責務分離とEvent Sourcingイベントソーシングの観点から
上記の変更をレビューしてください。
変更をレビューしてください。AI特有の問題のレビューは不要ですai_reviewステップで実施済み
**レビュー観点:**
- Aggregate設計の妥当性
@ -283,47 +287,8 @@ steps:
**注意**: このプロジェクトがCQRS+ESパターンを使用していない場合は、
一般的なドメイン設計の観点からレビューしてください。
rules:
- condition: CQRS+ES設計に問題がない
next: frontend_review
- condition: CQRS+ES設計に問題がある
next: fix_cqrs_es
- name: fix_cqrs_es
edit: true
agent: ../agents/default/coder.md
allowed_tools:
- Read
- Glob
- Grep
- Edit
- Write
- Bash
- WebSearch
- WebFetch
instruction_template: |
## CQRS+ES Review Feedback (これが最新の指示です - 優先して対応してください)
{previous_response}
**重要**: CQRS+ES専門家からの指摘を修正してください。
指摘されたポイント:
- Aggregate設計
- イベント設計
- Command/Query分離
- プロジェクション
- 結果整合性
pass_previous_response: true
rules:
- condition: CQRS+ES専門家の指摘に対する修正が完了した
next: cqrs_es_review
- condition: 修正を進行できない
next: plan
# ===========================================
# Phase 4: Frontend Review
# ===========================================
- name: frontend_review
- name: frontend-review
edit: false
agent: ../agents/expert/frontend-reviewer.md
report:
@ -358,8 +323,11 @@ steps:
- Write
- WebSearch
- WebFetch
rules:
- condition: approved
- condition: needs_fix
instruction_template: |
フロントエンド開発の観点から上記の変更をレビューしてください。
フロントエンド開発の観点から変更をレビューしてください。
**レビュー観点:**
- コンポーネント設計(責務分離、粒度)
@ -371,47 +339,8 @@ steps:
**注意**: このプロジェクトがフロントエンドを含まない場合は、
問題なしとして次に進んでください。
rules:
- condition: フロントエンド設計に問題がない
next: security_review
- condition: フロントエンド設計に問題がある
next: fix_frontend
- name: fix_frontend
edit: true
agent: ../agents/default/coder.md
allowed_tools:
- Read
- Glob
- Grep
- Edit
- Write
- Bash
- WebSearch
- WebFetch
instruction_template: |
## Frontend Review Feedback (これが最新の指示です - 優先して対応してください)
{previous_response}
**重要**: フロントエンド専門家からの指摘を修正してください。
指摘されたポイント:
- コンポーネント設計
- 状態管理
- パフォーマンス
- アクセシビリティ
- 型安全性
pass_previous_response: true
rules:
- condition: フロントエンドの指摘に対する修正が完了した
next: frontend_review
- condition: 修正を進行できない
next: plan
# ===========================================
# Phase 5: Security Review
# ===========================================
- name: security_review
- name: security-review
edit: false
agent: ../agents/expert/security-reviewer.md
report:
@ -440,6 +369,11 @@ steps:
## 警告(ブロッキングではない)
- {セキュリティに関する推奨事項}
```
**認知負荷軽減ルール:**
- 問題なし → チェック表のみ10行以内
- 警告 → + 警告1-2行15行以内
- 脆弱性 → + 表形式30行以内
allowed_tools:
- Read
- Glob
@ -447,66 +381,17 @@ steps:
- Write
- WebSearch
- WebFetch
rules:
- condition: approved
- condition: needs_fix
instruction_template: |
セキュリティの観点から上記の変更をレビューしてください。
**レビュー観点:**
セキュリティの観点から変更をレビューしてください。以下の脆弱性をチェック:
- インジェクション攻撃SQL, コマンド, XSS
- 認証・認可の不備
- 機密情報の取り扱い
- 暗号化の適切性
- OWASP Top 10
rules:
- condition: セキュリティ上の問題がない
next: qa_review
- condition: セキュリティ上の脆弱性が検出された
next: fix_security
- データ露出リスク
- 暗号化の弱点
- name: fix_security
edit: true
agent: ../agents/default/coder.md
allowed_tools:
- Read
- Glob
- Grep
- Edit
- Write
- Bash
- WebSearch
- WebFetch
instruction_template: |
## Security Review Feedback (これが最新の指示です - 優先して対応してください)
{previous_response}
**重要**: セキュリティ専門家からの指摘を修正してください。
セキュリティ問題は最優先で対応してください。
指摘されたポイント:
- インジェクション脆弱性
- 認証・認可の不備
- 機密情報の露出
- 暗号化の問題
## 修正完了時の判断
修正が完了したら、**変更の影響範囲**を判断してください:
- 軽微な修正(セキュリティレビューのみ再実施)
- : バリデーション追加、エスケープ処理追加、設定変更
- 大きな修正CQRS+ESレビューからやり直し
- : データフロー変更、API設計変更、認証方式変更、ドメインモデル変更
pass_previous_response: true
rules:
- condition: 軽微なセキュリティ修正が完了した
next: security_review
- condition: 大きな修正を行い、CQRS+ESレビューからやり直す必要がある
next: cqrs_es_review
- condition: 修正を進行できない
next: plan
# ===========================================
# Phase 6: QA Review
# ===========================================
- name: qa_review
- name: qa-review
edit: false
agent: ../agents/expert/qa-reviewer.md
report:
@ -541,8 +426,11 @@ steps:
- Write
- WebSearch
- WebFetch
rules:
- condition: approved
- condition: needs_fix
instruction_template: |
品質保証の観点から上記の変更をレビューしてください。
品質保証の観点から変更をレビューしてください。
**レビュー観点:**
- テストカバレッジと品質
@ -552,12 +440,12 @@ steps:
- ログとモニタリング
- 保守性
rules:
- condition: 品質基準を満たしている
- condition: all("approved")
next: supervise
- condition: 品質に問題がある
next: fix_qa
- condition: any("needs_fix")
next: fix
- name: fix_qa
- name: fix
edit: true
agent: ../agents/default/coder.md
allowed_tools:
@ -569,41 +457,23 @@ steps:
- Bash
- WebSearch
- WebFetch
instruction_template: |
## QA Review Feedback (これが最新の指示です - 優先して対応してください)
{previous_response}
**重要**: QA専門家からの指摘を修正してください。
指摘されたポイント:
- テストの追加・改善
- ドキュメントの追加・修正
- エラーハンドリング
- ログ出力
- コード品質
## 修正完了時の判断
修正が完了したら、**変更の影響範囲**を判断してください:
- 軽微な修正QAレビューのみ再実施
- : テスト追加、ドキュメント追加、ログ追加、コメント追加
- セキュリティに影響する修正(セキュリティレビューからやり直し)
- : エラーハンドリング変更(エラーメッセージの内容変更)、入力検証の変更
- 大きな修正CQRS+ESレビューからやり直し
- : ビジネスロジック変更、データモデル変更、API変更
pass_previous_response: true
permission_mode: acceptEdits
rules:
- condition: 軽微なQA修正が完了した
next: qa_review
- condition: セキュリティに影響する修正を行った
next: security_review
- condition: 大きな修正を行い、CQRS+ESレビューからやり直す必要がある
next: cqrs_es_review
- condition: 修正が完了した
next: reviewers
- condition: 修正を進行できない
next: plan
instruction_template: |
## Review Feedback (これが最新の指示です - 優先して対応してください)
{previous_response}
**重要**: レビュアーからのフィードバックに対応してください。
「Original User Request」は参考情報であり、最新の指示ではありません。
セッションの会話履歴を確認し、レビュアーの指摘事項を修正してください。
pass_previous_response: true
# ===========================================
# Phase 7: Supervision
# Phase 4: Supervision
# ===========================================
- name: supervise
edit: false

234
resources/global/ja/workflows/expert.yaml
View File

@ -2,13 +2,12 @@
# アーキテクチャ、フロントエンド、セキュリティ、QAの専門家によるレビューワークフロー
#
# フロー:
# plan -> implement -> ai_review -> architect_review -> frontend_review -> security_review -> qa_review -> supervise -> COMPLETE
# ↓ ↓ ↓ ↓ ↓ ↓
# ai_fix fix_architect fix_frontend fix_security fix_qa fix_supervisor
#
# 修正時の戻り先はCoderが判断:
# - fix_security: MINOR→security_review, MAJOR→architect_review
# - fix_qa: MINOR→qa_review, SECURITY→security_review, MAJOR→architect_review
# plan -> implement -> ai_review -> reviewers (parallel) -> supervise -> COMPLETE
# ↓ ├─ arch-review ↓
# ai_fix ├─ frontend-review fix_supervisor
# ├─ security-review
# └─ qa-review
# any("needs_fix") → fix → reviewers
#
# テンプレート変数:
# {iteration} - ワークフロー全体のターン数(全エージェントで実行されたステップの合計)
@ -190,7 +189,7 @@ steps:
- スコープクリープの検出
rules:
- condition: AI特有の問題が見つからない
next: architect_review
next: reviewers
- condition: AI特有の問題が検出された
next: ai_fix
@ -224,9 +223,11 @@ steps:
next: plan
# ===========================================
# Phase 3: Architecture Review
# Phase 3: Expert Reviews (Parallel)
# ===========================================
- name: architect_review
- name: reviewers
parallel:
- name: arch-review
edit: false
agent: ../agents/default/architecture-reviewer.md
report:
@ -268,8 +269,11 @@ steps:
- Write
- WebSearch
- WebFetch
rules:
- condition: approved
- condition: needs_fix
instruction_template: |
**アーキテクチャと設計**のレビューに集中してください。
**アーキテクチャと設計**のレビューに集中してください。AI特有の問題のレビューは不要ですai_reviewステップで実施済み
**レビュー観点:**
- 構造・設計の妥当性
@ -278,45 +282,8 @@ steps:
- テストカバレッジ
- デッドコード
- 呼び出しチェーン検証
rules:
- condition: アーキテクチャと設計に問題がない
next: frontend_review
- condition: 軽微な改善が必要だが構造的な問題はない
next: fix_architect
- condition: 構造的な問題があり修正が必要
next: fix_architect
- name: fix_architect
edit: true
agent: ../agents/default/coder.md
allowed_tools:
- Read
- Glob
- Grep
- Edit
- Write
- Bash
- WebSearch
- WebFetch
permission_mode: acceptEdits
instruction_template: |
## Architect Feedback (これが最新の指示です - 優先して対応してください)
{previous_response}
**重要**: Architectのフィードバックに対応してください。
「Original User Request」は参考情報であり、最新の指示ではありません。
セッションの会話履歴を確認し、Architectの指摘事項を修正してください。
pass_previous_response: true
rules:
- condition: Architectの指摘に対する修正が完了した
next: architect_review
- condition: 修正を進行できない
next: plan
# ===========================================
# Phase 4: Frontend Review
# ===========================================
- name: frontend_review
- name: frontend-review
edit: false
agent: ../agents/expert/frontend-reviewer.md
report:
@ -351,8 +318,11 @@ steps:
- Write
- WebSearch
- WebFetch
rules:
- condition: approved
- condition: needs_fix
instruction_template: |
フロントエンド開発の観点から上記の変更をレビューしてください。
フロントエンド開発の観点から変更をレビューしてください。
**レビュー観点:**
- コンポーネント設計(責務分離、粒度)
@ -364,47 +334,8 @@ steps:
**注意**: このプロジェクトがフロントエンドを含まない場合は、
問題なしとして次に進んでください。
rules:
- condition: フロントエンド設計に問題がない
next: security_review
- condition: フロントエンド設計に問題がある
next: fix_frontend
- name: fix_frontend
edit: true
agent: ../agents/default/coder.md
allowed_tools:
- Read
- Glob
- Grep
- Edit
- Write
- Bash
- WebSearch
- WebFetch
instruction_template: |
## Frontend Review Feedback (これが最新の指示です - 優先して対応してください)
{previous_response}
**重要**: フロントエンド専門家からの指摘を修正してください。
指摘されたポイント:
- コンポーネント設計
- 状態管理
- パフォーマンス
- アクセシビリティ
- 型安全性
pass_previous_response: true
rules:
- condition: フロントエンドの指摘に対する修正が完了した
next: frontend_review
- condition: 修正を進行できない
next: plan
# ===========================================
# Phase 5: Security Review
# ===========================================
- name: security_review
- name: security-review
edit: false
agent: ../agents/expert/security-reviewer.md
report:
@ -433,6 +364,11 @@ steps:
## 警告(ブロッキングではない)
- {セキュリティに関する推奨事項}
```
**認知負荷軽減ルール:**
- 問題なし → チェック表のみ10行以内
- 警告 → + 警告1-2行15行以内
- 脆弱性 → + 表形式30行以内
allowed_tools:
- Read
- Glob
@ -440,66 +376,17 @@ steps:
- Write
- WebSearch
- WebFetch
rules:
- condition: approved
- condition: needs_fix
instruction_template: |
セキュリティの観点から上記の変更をレビューしてください。
**レビュー観点:**
セキュリティの観点から変更をレビューしてください。以下の脆弱性をチェック:
- インジェクション攻撃SQL, コマンド, XSS
- 認証・認可の不備
- 機密情報の取り扱い
- 暗号化の適切性
- OWASP Top 10
rules:
- condition: セキュリティ上の問題がない
next: qa_review
- condition: セキュリティ上の脆弱性が検出された
next: fix_security
- データ露出リスク
- 暗号化の弱点
- name: fix_security
edit: true
agent: ../agents/default/coder.md
allowed_tools:
- Read
- Glob
- Grep
- Edit
- Write
- Bash
- WebSearch
- WebFetch
instruction_template: |
## Security Review Feedback (これが最新の指示です - 優先して対応してください)
{previous_response}
**重要**: セキュリティ専門家からの指摘を修正してください。
セキュリティ問題は最優先で対応してください。
指摘されたポイント:
- インジェクション脆弱性
- 認証・認可の不備
- 機密情報の露出
- 暗号化の問題
## 修正完了時の判断
修正が完了したら、**変更の影響範囲**を判断してください:
- 軽微な修正(セキュリティレビューのみ再実施)
- : バリデーション追加、エスケープ処理追加、設定変更
- 大きな修正(アーキテクチャレビューからやり直し)
- : データフロー変更、API設計変更、認証方式変更、ドメインモデル変更
pass_previous_response: true
rules:
- condition: 軽微なセキュリティ修正が完了した
next: security_review
- condition: 大きな修正を行い、アーキテクチャレビューからやり直す必要がある
next: architect_review
- condition: 修正を進行できない
next: plan
# ===========================================
# Phase 6: QA Review
# ===========================================
- name: qa_review
- name: qa-review
edit: false
agent: ../agents/expert/qa-reviewer.md
report:
@ -534,8 +421,11 @@ steps:
- Write
- WebSearch
- WebFetch
rules:
- condition: approved
- condition: needs_fix
instruction_template: |
品質保証の観点から上記の変更をレビューしてください。
品質保証の観点から変更をレビューしてください。
**レビュー観点:**
- テストカバレッジと品質
@ -545,12 +435,12 @@ steps:
- ログとモニタリング
- 保守性
rules:
- condition: 品質基準を満たしている
- condition: all("approved")
next: supervise
- condition: 品質に問題がある
next: fix_qa
- condition: any("needs_fix")
next: fix
- name: fix_qa
- name: fix
edit: true
agent: ../agents/default/coder.md
allowed_tools:
@ -562,41 +452,23 @@ steps:
- Bash
- WebSearch
- WebFetch
instruction_template: |
## QA Review Feedback (これが最新の指示です - 優先して対応してください)
{previous_response}
**重要**: QA専門家からの指摘を修正してください。
指摘されたポイント:
- テストの追加・改善
- ドキュメントの追加・修正
- エラーハンドリング
- ログ出力
- コード品質
## 修正完了時の判断
修正が完了したら、**変更の影響範囲**を判断してください:
- 軽微な修正QAレビューのみ再実施
- : テスト追加、ドキュメント追加、ログ追加、コメント追加
- セキュリティに影響する修正(セキュリティレビューからやり直し)
- : エラーハンドリング変更(エラーメッセージの内容変更)、入力検証の変更
- 大きな修正(アーキテクチャレビューからやり直し)
- : ビジネスロジック変更、データモデル変更、API変更
pass_previous_response: true
permission_mode: acceptEdits
rules:
- condition: 軽微なQA修正が完了した
next: qa_review
- condition: セキュリティに影響する修正を行った
next: security_review
- condition: 大きな修正を行い、アーキテクチャレビューからやり直す必要がある
next: architect_review
- condition: 修正が完了した
next: reviewers
- condition: 修正を進行できない
next: plan
instruction_template: |
## Review Feedback (これが最新の指示です - 優先して対応してください)
{previous_response}
**重要**: レビュアーからのフィードバックに対応してください。
「Original User Request」は参考情報であり、最新の指示ではありません。
セッションの会話履歴を確認し、レビュアーの指摘事項を修正してください。
pass_previous_response: true
# ===========================================
# Phase 7: Supervision
# Phase 4: Supervision
# ===========================================
- name: supervise
edit: false

171
src/__tests__/workflow-expert-parallel.test.ts Normal file
View File

@ -0,0 +1,171 @@
/**
* Tests for expert/expert-cqrs workflow parallel review structure.
*
* Validates that:
* - expert and expert-cqrs workflows load successfully via loadWorkflow
* - The reviewers step is a parallel step with expected sub-steps
* - ai_review routes to reviewers (not individual review steps)
* - fix step routes back to reviewers
* - Aggregate rules (all/any) are configured on the reviewers step
* - Sub-step rules use simple approved/needs_fix conditions
*/
import { describe, it, expect } from 'vitest';
import { loadWorkflow } from '../config/loader.js';
describe('expert workflow parallel structure', () => {
const workflow = loadWorkflow('expert');
it('should load successfully', () => {
expect(workflow).not.toBeNull();
expect(workflow!.name).toBe('expert');
});
it('should have a reviewers parallel step', () => {
const reviewers = workflow!.steps.find((s) => s.name === 'reviewers');
expect(reviewers).toBeDefined();
expect(reviewers!.parallel).toBeDefined();
expect(reviewers!.parallel!.length).toBe(4);
});
it('should have arch-review, frontend-review, security-review, qa-review as sub-steps', () => {
const reviewers = workflow!.steps.find((s) => s.name === 'reviewers');
const subNames = reviewers!.parallel!.map((s) => s.name);
expect(subNames).toContain('arch-review');
expect(subNames).toContain('frontend-review');
expect(subNames).toContain('security-review');
expect(subNames).toContain('qa-review');
});
it('should have aggregate rules on reviewers step', () => {
const reviewers = workflow!.steps.find((s) => s.name === 'reviewers');
expect(reviewers!.rules).toBeDefined();
const conditions = reviewers!.rules!.map((r) => r.condition);
expect(conditions).toContain('all("approved")');
expect(conditions).toContain('any("needs_fix")');
});
it('should have simple approved/needs_fix rules on each sub-step', () => {
const reviewers = workflow!.steps.find((s) => s.name === 'reviewers');
for (const sub of reviewers!.parallel!) {
expect(sub.rules).toBeDefined();
const conditions = sub.rules!.map((r) => r.condition);
expect(conditions).toContain('approved');
expect(conditions).toContain('needs_fix');
}
});
it('should route ai_review to reviewers', () => {
const aiReview = workflow!.steps.find((s) => s.name === 'ai_review');
expect(aiReview).toBeDefined();
const approvedRule = aiReview!.rules!.find((r) => r.next === 'reviewers');
expect(approvedRule).toBeDefined();
});
it('should have a unified fix step routing back to reviewers', () => {
const fix = workflow!.steps.find((s) => s.name === 'fix');
expect(fix).toBeDefined();
const fixComplete = fix!.rules!.find((r) => r.next === 'reviewers');
expect(fixComplete).toBeDefined();
});
it('should not have individual review/fix steps', () => {
const stepNames = workflow!.steps.map((s) => s.name);
expect(stepNames).not.toContain('architect_review');
expect(stepNames).not.toContain('fix_architect');
expect(stepNames).not.toContain('frontend_review');
expect(stepNames).not.toContain('fix_frontend');
expect(stepNames).not.toContain('security_review');
expect(stepNames).not.toContain('fix_security');
expect(stepNames).not.toContain('qa_review');
expect(stepNames).not.toContain('fix_qa');
});
it('should route reviewers all("approved") to supervise', () => {
const reviewers = workflow!.steps.find((s) => s.name === 'reviewers');
const approvedRule = reviewers!.rules!.find((r) => r.condition === 'all("approved")');
expect(approvedRule!.next).toBe('supervise');
});
it('should route reviewers any("needs_fix") to fix', () => {
const reviewers = workflow!.steps.find((s) => s.name === 'reviewers');
const needsFixRule = reviewers!.rules!.find((r) => r.condition === 'any("needs_fix")');
expect(needsFixRule!.next).toBe('fix');
});
});
describe('expert-cqrs workflow parallel structure', () => {
const workflow = loadWorkflow('expert-cqrs');
it('should load successfully', () => {
expect(workflow).not.toBeNull();
expect(workflow!.name).toBe('expert-cqrs');
});
it('should have a reviewers parallel step', () => {
const reviewers = workflow!.steps.find((s) => s.name === 'reviewers');
expect(reviewers).toBeDefined();
expect(reviewers!.parallel).toBeDefined();
expect(reviewers!.parallel!.length).toBe(4);
});
it('should have cqrs-es-review instead of arch-review', () => {
const reviewers = workflow!.steps.find((s) => s.name === 'reviewers');
const subNames = reviewers!.parallel!.map((s) => s.name);
expect(subNames).toContain('cqrs-es-review');
expect(subNames).not.toContain('arch-review');
expect(subNames).toContain('frontend-review');
expect(subNames).toContain('security-review');
expect(subNames).toContain('qa-review');
});
it('should have aggregate rules on reviewers step', () => {
const reviewers = workflow!.steps.find((s) => s.name === 'reviewers');
expect(reviewers!.rules).toBeDefined();
const conditions = reviewers!.rules!.map((r) => r.condition);
expect(conditions).toContain('all("approved")');
expect(conditions).toContain('any("needs_fix")');
});
it('should have simple approved/needs_fix rules on each sub-step', () => {
const reviewers = workflow!.steps.find((s) => s.name === 'reviewers');
for (const sub of reviewers!.parallel!) {
expect(sub.rules).toBeDefined();
const conditions = sub.rules!.map((r) => r.condition);
expect(conditions).toContain('approved');
expect(conditions).toContain('needs_fix');
}
});
it('should route ai_review to reviewers', () => {
const aiReview = workflow!.steps.find((s) => s.name === 'ai_review');
expect(aiReview).toBeDefined();
const approvedRule = aiReview!.rules!.find((r) => r.next === 'reviewers');
expect(approvedRule).toBeDefined();
});
it('should have a unified fix step routing back to reviewers', () => {
const fix = workflow!.steps.find((s) => s.name === 'fix');
expect(fix).toBeDefined();
const fixComplete = fix!.rules!.find((r) => r.next === 'reviewers');
expect(fixComplete).toBeDefined();
});
it('should not have individual review/fix steps', () => {
const stepNames = workflow!.steps.map((s) => s.name);
expect(stepNames).not.toContain('cqrs_es_review');
expect(stepNames).not.toContain('fix_cqrs_es');
expect(stepNames).not.toContain('frontend_review');
expect(stepNames).not.toContain('fix_frontend');
expect(stepNames).not.toContain('security_review');
expect(stepNames).not.toContain('fix_security');
expect(stepNames).not.toContain('qa_review');
expect(stepNames).not.toContain('fix_qa');
});
it('should use cqrs-es-reviewer agent for the first sub-step', () => {
const reviewers = workflow!.steps.find((s) => s.name === 'reviewers');
const cqrsReview = reviewers!.parallel!.find((s) => s.name === 'cqrs-es-review');
expect(cqrsReview!.agent).toContain('cqrs-es-reviewer');
});
});