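nrslib 5265cc0059 feat: Migrate builtin management to a bundle-embedded approach and add the /eject command (#4)
- Change the loader to prefer user files and fall back to reading builtins from dist/resources/ when none exist
- Add the /eject command (copies builtins to ~/.takt/ so they can be customized)
- Simplify /refresh-builtin (now points users to eject)
- Add the disabled_builtins field to config.yaml
- Unify workflow YAML on the rules format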
2026-01-30 20:03:38 +09:00

732 lines
21 KiB
YAML

# Expert Review Workflow
# Review workflow with Architecture, Frontend, Security, and QA experts
#
# Flow:
# plan -> implement -> ai_review -> architect_review -> frontend_review -> security_review -> qa_review -> supervise -> COMPLETE
# ↓ ↓ ↓ ↓ ↓ ↓ ↓
# ai_fix fix_architect fix_frontend fix_security fix_qa fix_supervisor
#
# AI review runs immediately after implementation to catch AI-specific issues early,
# before expert reviews begin.
#
# Fix destination is determined by Coder based on change impact:
# - fix_security: MINOR->security_review, MAJOR->architect_review
# - fix_qa: MINOR->qa_review, SECURITY->security_review, MAJOR->architect_review
#
# Boilerplate sections (Workflow Context, User Request, Previous Response,
# Additional User Inputs, Instructions heading) are auto-injected by buildInstruction().
# Only step-specific content belongs in instruction_template.
#
# Template Variables (available in instruction_template):
#   {iteration} - Workflow-wide turn count (total steps executed across all agents)
#   {max_iterations} - Maximum iterations allowed for the workflow
#   {step_iteration} - Per-step iteration count (how many times THIS step has been executed)
#   {previous_response} - Output from the previous step (only when pass_previous_response: true)
#   {report_dir} - Report directory name (e.g., "20250126-143052-task-summary")
#
# Step-level Fields:
#   report: - Report file(s) for the step (auto-injected as Report File/Files in Workflow Context)
#     Single: report: 00-plan.md
#     Multiple: report:
#       - Scope: 01-coder-scope.md
#       - Decisions: 02-coder-decisions.md
name: expert
description: Architecture, Frontend, Security, QA Expert Review
max_iterations: 30
initial_step: plan
steps:
  # ===========================================
  # Phase 0: Planning
  # ===========================================
  - name: plan
    edit: false
    agent: ../agents/default/planner.md
    report:
      name: 00-plan.md
      format: |
        ```markdown
        # Task Plan
        ## Original Request
        {User's request as-is}
        ## Analysis Results
        ### Objective
        {What needs to be achieved}
        ### Scope
        {Impact scope}
        ### Implementation Approach
        {How to proceed}
        ## Clarifications Needed (if any)
        - {Unclear points or items requiring confirmation}
        ```
    allowed_tools:
      - Read
      - Glob
      - Grep
      - Write
      - Bash
      - WebSearch
      - WebFetch
    instruction_template: |
      ## Previous Response (when returned from implement)
      {previous_response}
      Analyze the task and create an implementation plan.
      **Note:** If returned from implement step (Previous Response exists),
      review and revise the plan based on that feedback (replan).
      **Tasks:**
      1. Understand the requirements
      2. Identify impact scope
      3. Decide implementation approach
    pass_previous_response: true
    rules:
      - condition: Task analysis and planning is complete
        next: implement
      - condition: Requirements are unclear and planning cannot proceed
        next: ABORT
  # ===========================================
  # Phase 1: Implementation
  # ===========================================
  - name: implement
    edit: true
    agent: ../agents/default/coder.md
    report:
      - Scope: 01-coder-scope.md
      - Decisions: 02-coder-decisions.md
    allowed_tools:
      - Read
      - Glob
      - Grep
      - Edit
      - Write
      - Bash
      - WebSearch
      - WebFetch
    instruction_template: |
      Follow the plan from the plan step and implement.
      Refer to the plan report (00-plan.md) and proceed with implementation.
      **Scope report format (create at implementation start):**
      ```markdown
      # Change Scope Declaration
      ## Task
      {One-line task summary}
      ## Planned Changes
      | Type | File |
      |------|------|
      | Create | `src/example.ts` |
      | Modify | `src/routes.ts` |
      ## Estimated Size
      Small / Medium / Large
      ## Impact Scope
      - {Affected modules or features}
      ```
      **Decisions report format (on completion, only if decisions were made):**
      ```markdown
      # Decision Log
      ## 1. {Decision Content}
      - **Background**: {Why the decision was needed}
      - **Options Considered**: {List of options}
      - **Reason**: {Why this option was chosen}
      ```
    rules:
      - condition: Implementation is complete
        next: ai_review
      - condition: Cannot proceed with implementation
        next: plan
  # ===========================================
  # Phase 2: AI Review
  # ===========================================
  - name: ai_review
    edit: false
    agent: ../agents/default/ai-antipattern-reviewer.md
    report:
      name: 03-ai-review.md
      format: |
        ```markdown
        # AI-Generated Code Review
        ## Result: APPROVE / REJECT
        ## Summary
        {One sentence summarizing result}
        ## Verified Items
        | Aspect | Result | Notes |
        |--------|--------|-------|
        | Assumption validity | ✅ | - |
        | API/Library existence | ✅ | - |
        | Context fit | ✅ | - |
        | Scope | ✅ | - |
        ## Issues (if REJECT)
        | # | Category | Location | Issue |
        |---|----------|----------|-------|
        | 1 | Hallucinated API | `src/file.ts:23` | Non-existent method |
        ```
        **Cognitive load reduction rules:**
        - No issues -> Summary 1 line + check table only (10 lines or less)
        - Issues found -> + Issues in table format (25 lines or less)
    allowed_tools:
      - Read
      - Glob
      - Grep
      - Write
      - WebSearch
      - WebFetch
    instruction_template: |
      Review the code for AI-specific issues:
      - Assumption validation
      - Plausible but wrong patterns
      - Context fit with existing codebase
      - Scope creep detection
    rules:
      - condition: No AI-specific issues found
        next: architect_review
      - condition: AI-specific issues detected
        next: ai_fix
  - name: ai_fix
    edit: true
    agent: ../agents/default/coder.md
    allowed_tools:
      - Read
      - Glob
      - Grep
      - Edit
      - Write
      - Bash
      - WebSearch
      - WebFetch
    instruction_template: |
      ## AI Review Feedback (This is the latest instruction - prioritize this)
      {previous_response}
      **Important**: Address the AI Reviewer's feedback.
      Focus on:
      - Correcting incorrect assumptions
      - Fixing plausible-but-wrong implementations
      - Aligning with existing codebase patterns
      - Removing scope creep
    pass_previous_response: true
    rules:
      - condition: AI Reviewer's issues have been fixed
        next: ai_review
      - condition: Unable to proceed with fixes
        next: plan
  # ===========================================
  # Phase 3: Architecture Review
  # ===========================================
  - name: architect_review
    edit: false
    agent: ../agents/default/architecture-reviewer.md
    report:
      name: 04-architect-review.md
      format: |
        ```markdown
        # Architecture Review
        ## Result: APPROVE / IMPROVE / REJECT
        ## Summary
        {1-2 sentences summarizing result}
        ## Reviewed Aspects
        - [x] Structure/Design
        - [x] Code Quality
        - [x] Change Scope
        - [x] Test Coverage
        - [x] Dead Code
        - [x] Call Chain Verification
        ## Issues (if REJECT)
        | # | Location | Issue | Fix |
        |---|----------|-------|-----|
        | 1 | `src/file.ts:42` | Issue description | Fix method |
        ## Improvement Suggestions (optional - non-blocking)
        - {Future improvement suggestions}
        ```
        **Cognitive load reduction rules:**
        - APPROVE + no issues -> Summary only (5 lines or less)
        - APPROVE + minor suggestions -> Summary + suggestions (15 lines or less)
        - REJECT -> Issues in table format (30 lines or less)
    allowed_tools:
      - Read
      - Glob
      - Grep
      - Write
      - WebSearch
      - WebFetch
    instruction_template: |
      Focus on **architecture and design** review.
      **Review Criteria:**
      - Structure/design validity
      - Code quality
      - Change scope appropriateness
      - Test coverage
      - Dead code
      - Call chain verification
    rules:
      - condition: No architecture or design issues found
        next: frontend_review
      - condition: Minor improvements needed but no structural issues
        next: fix_architect
      - condition: Structural issues found that require fixes
        next: fix_architect
  - name: fix_architect
    edit: true
    agent: ../agents/default/coder.md
    allowed_tools:
      - Read
      - Glob
      - Grep
      - Edit
      - Write
      - Bash
      - WebSearch
      - WebFetch
    permission_mode: acceptEdits
    instruction_template: |
      ## Architect Feedback (This is the latest instruction - prioritize this)
      {previous_response}
      **Important**: Address the Architect's feedback.
      "Original User Request" is for reference; it's not the latest instruction.
      Review the session conversation history and fix the Architect's issues.
    pass_previous_response: true
    rules:
      - condition: Architect's issues have been fixed
        next: architect_review
      - condition: Unable to proceed with fixes
        next: plan
  # ===========================================
  # Phase 4: Frontend Review
  # ===========================================
  - name: frontend_review
    edit: false
    agent: ../agents/expert/frontend-reviewer.md
    report:
      name: 05-frontend-review.md
      format: |
        ```markdown
        # Frontend Review
        ## Result: APPROVE / REJECT
        ## Summary
        {1-2 sentences summarizing result}
        ## Reviewed Perspectives
        | Perspective | Result | Notes |
        |-------------|--------|-------|
        | Component Design | ✅ | - |
        | State Management | ✅ | - |
        | Performance | ✅ | - |
        | Accessibility | ✅ | - |
        | Type Safety | ✅ | - |
        ## Issues (if REJECT)
        | # | Location | Issue | Fix |
        |---|----------|-------|-----|
        | 1 | `src/file.tsx:42` | Issue description | Fix method |
        ```
    allowed_tools:
      - Read
      - Glob
      - Grep
      - Write
      - WebSearch
      - WebFetch
    instruction_template: |
      Review the changes from the frontend development perspective.
      **Review Criteria:**
      - Component design (separation of concerns, granularity)
      - State management (local/global decisions)
      - Performance (re-rendering, memoization)
      - Accessibility (keyboard support, ARIA)
      - Data fetching patterns
      - TypeScript type safety
      **Note**: If this project does not include frontend code,
      approve and proceed to the next step.
    rules:
      - condition: Frontend design is sound with no issues
        next: security_review
      - condition: Frontend design issues found
        next: fix_frontend
  - name: fix_frontend
    edit: true
    agent: ../agents/default/coder.md
    allowed_tools:
      - Read
      - Glob
      - Grep
      - Edit
      - Write
      - Bash
      - WebSearch
      - WebFetch
    instruction_template: |
      ## Frontend Review Feedback (This is the latest instruction - prioritize this)
      {previous_response}
      **Important**: Fix the issues pointed out by the frontend expert.
      Areas of concern:
      - Component design
      - State management
      - Performance
      - Accessibility
      - Type safety
    pass_previous_response: true
    rules:
      - condition: Frontend issues have been fixed
        next: frontend_review
      - condition: Unable to proceed with fixes
        next: plan
  # ===========================================
  # Phase 5: Security Review
  # ===========================================
  - name: security_review
    edit: false
    agent: ../agents/expert/security-reviewer.md
    report:
      name: 06-security-review.md
      format: |
        ```markdown
        # Security Review
        ## Result: APPROVE / REJECT
        ## Severity: None / Low / Medium / High / Critical
        ## Check Results
        | Category | Result | Notes |
        |----------|--------|-------|
        | Injection | ✅ | - |
        | Auth/Authz | ✅ | - |
        | Data Protection | ✅ | - |
        | Dependencies | ✅ | - |
        ## Vulnerabilities (if REJECT)
        | # | Severity | Type | Location | Fix |
        |---|----------|------|----------|-----|
        | 1 | High | SQLi | `src/db.ts:42` | Use parameterized query |
        ## Warnings (non-blocking)
        - {Security recommendations}
        ```
    allowed_tools:
      - Read
      - Glob
      - Grep
      - Write
      - WebSearch
      - WebFetch
    instruction_template: |
      Review the changes from the security perspective.
      **Review Criteria:**
      - Injection attacks (SQL, command, XSS)
      - Authentication/authorization flaws
      - Sensitive information handling
      - Encryption appropriateness
      - OWASP Top 10
    rules:
      - condition: No security issues found
        next: qa_review
      - condition: Security vulnerabilities detected
        next: fix_security
  - name: fix_security
    edit: true
    agent: ../agents/default/coder.md
    allowed_tools:
      - Read
      - Glob
      - Grep
      - Edit
      - Write
      - Bash
      - WebSearch
      - WebFetch
    instruction_template: |
      ## Security Review Feedback (This is the latest instruction - prioritize this)
      {previous_response}
      **Important**: Fix the issues pointed out by the security expert.
      Security issues should be addressed with highest priority.
      Areas of concern:
      - Injection vulnerabilities
      - Authentication/authorization flaws
      - Sensitive information exposure
      - Encryption issues
      ## Completion: Determine Change Impact
      When fix is complete, judge the **impact scope of changes**:
      - Minor fix (re-run security review only)
        - Examples: Add validation, add escaping, configuration changes
      - Major fix (restart from Architecture review)
        - Examples: Data flow changes, API design changes, auth method changes, domain model changes
    pass_previous_response: true
    rules:
      - condition: Minor security fix is complete
        next: security_review
      - condition: Major fix applied requiring architecture re-review
        next: architect_review
      - condition: Unable to proceed with fixes
        next: plan
  # ===========================================
  # Phase 6: QA Review
  # ===========================================
  - name: qa_review
    edit: false
    agent: ../agents/expert/qa-reviewer.md
    report:
      name: 07-qa-review.md
      format: |
        ```markdown
        # QA Review
        ## Result: APPROVE / REJECT
        ## Summary
        {1-2 sentences summarizing result}
        ## Reviewed Perspectives
        | Perspective | Result | Notes |
        |-------------|--------|-------|
        | Test Coverage | ✅ | - |
        | Test Quality | ✅ | - |
        | Error Handling | ✅ | - |
        | Documentation | ✅ | - |
        | Maintainability | ✅ | - |
        ## Issues (if REJECT)
        | # | Category | Issue | Fix |
        |---|----------|-------|-----|
        | 1 | Testing | Issue description | Fix method |
        ```
    allowed_tools:
      - Read
      - Glob
      - Grep
      - Write
      - WebSearch
      - WebFetch
    instruction_template: |
      Review the changes from the quality assurance perspective.
      **Review Criteria:**
      - Test coverage and quality
      - Test strategy (unit/integration/E2E)
      - Documentation (in-code and external)
      - Error handling
      - Logging and monitoring
      - Maintainability
    rules:
      - condition: Quality standards are met
        next: supervise
      - condition: Quality issues found
        next: fix_qa
  - name: fix_qa
    edit: true
    agent: ../agents/default/coder.md
    allowed_tools:
      - Read
      - Glob
      - Grep
      - Edit
      - Write
      - Bash
      - WebSearch
      - WebFetch
    instruction_template: |
      ## QA Review Feedback (This is the latest instruction - prioritize this)
      {previous_response}
      **Important**: Fix the issues pointed out by the QA expert.
      Areas of concern:
      - Adding/improving tests
      - Adding/fixing documentation
      - Error handling
      - Log output
      - Code quality
      ## Completion: Determine Change Impact
      When fix is complete, judge the **impact scope of changes**:
      - Minor fix (re-run QA review only)
        - Examples: Add tests, add documentation, add logs, add comments
      - Security-impacting fix (restart from security review)
        - Examples: Error handling changes (error message content changes), input validation changes
      - Major fix (restart from Architecture review)
        - Examples: Business logic changes, data model changes, API changes
    pass_previous_response: true
    rules:
      - condition: Minor QA fix is complete
        next: qa_review
      - condition: Security-impacting fix applied
        next: security_review
      - condition: Major fix applied requiring architecture re-review
        next: architect_review
      - condition: Unable to proceed with fixes
        next: plan
  # ===========================================
  # Phase 7: Supervision
  # ===========================================
  - name: supervise
    edit: false
    agent: ../agents/expert/supervisor.md
    report:
      - Validation: 08-supervisor-validation.md
      - Summary: summary.md
    allowed_tools:
      - Read
      - Glob
      - Grep
      - Write
      - WebSearch
      - WebFetch
    instruction_template: |
      ## Previous Reviews Summary
      Reaching this step means all the following reviews have been APPROVED:
      - Architecture Review: APPROVED
      - Frontend Review: APPROVED
      - AI Review: APPROVED
      - Security Review: APPROVED
      - QA Review: APPROVED
      Run tests, verify the build, and perform final approval.
      **Workflow Overall Review:**
      1. Does the implementation match the plan (00-plan.md)?
      2. Were all review step issues addressed?
      3. Was the original task objective achieved?
      **Review Reports:** Read all reports in Report Directory and
      check for any unaddressed improvement suggestions.
      **Validation report format:**
      ```markdown
      # Final Validation Results
      ## Result: APPROVE / REJECT
      ## Validation Summary
      | Item | Status | Verification Method |
      |------|--------|---------------------|
      | Requirements met | ✅ | Matched against requirements list |
      | Tests | ✅ | `npm test` (N passed) |
      | Build | ✅ | `npm run build` succeeded |
      | Functional check | ✅ | Main flows verified |
      ## Deliverables
      - Created: {Created files}
      - Modified: {Modified files}
      ## Incomplete Items (if REJECT)
      | # | Item | Reason |
      |---|------|--------|
      | 1 | {Item} | {Reason} |
      ```
      **Summary report format (only if APPROVE):**
      ```markdown
      # Task Completion Summary
      ## Task
      {Original request in 1-2 sentences}
      ## Result
      ✅ Complete
      ## Changes
      | Type | File | Summary |
      |------|------|---------|
      | Create | `src/file.ts` | Summary description |
      ## Review Results
      | Review | Result |
      |--------|--------|
      | Architecture | ✅ APPROVE |
      | Frontend | ✅ APPROVE |
      | AI Review | ✅ APPROVE |
      | Security | ✅ APPROVE |
      | QA | ✅ APPROVE |
      | Supervisor | ✅ APPROVE |
      ## Verification Commands
      ```bash
      npm test
      npm run build
      ```
      ```
    rules:
      - condition: All validations pass and ready to merge
        next: COMPLETE
      - condition: Issues detected during final review
        next: fix_supervisor
  - name: fix_supervisor
    edit: true
    agent: ../agents/default/coder.md
    allowed_tools:
      - Read
      - Glob
      - Grep
      - Edit
      - Write
      - Bash
      - WebSearch
      - WebFetch
    instruction_template: |
      ## Supervisor Feedback (This is the latest instruction - prioritize this)
      {previous_response}
      **Important**: Fix the issues pointed out by the supervisor.
      The supervisor has identified issues from a big-picture perspective.
      Address items in priority order.
    pass_previous_response: true
    rules:
      - condition: Supervisor's issues have been fixed
        next: supervise
      - condition: Unable to proceed with fixes
        next: plan