--- name: design-thinking description: Apply the Design Thinking process (Empathize, Define, Ideate, Prototype, Test) to solve complex user problems. triggers: [design thinking, empathize, user journey, persona, ideation, brainstorming, prototype, user research] tags: [product] context_cost: medium --- # Design Thinking Skill ## Goal To solve problems from a human-centric perspective. This skill guides the agent and user through the double-diamond process: discovering the right problem (diverge/converge) and designing the right solution (diverge/converge). ## Steps 1. **Empathize (Understand the User)** * Create **Empathize Maps** (Says, Thinks, Does, Feels). * Develop **Personas** (if not already existing in `agents/personas`). * Capture **User Stories** from the user's perspective. * *Output:* `docs/strategic/EMPATHY_MAP.md` 2. **Define (The Problem Statement)** * Synthesize findings into a clear Point of View (POV). * Format: "User [X] needs [Y] because [Z] (insight)." * Create **How Might We (HMW)** questions to frame the challenge. * *Output:* Updated `docs/strategic/PROBLEM_STATEMENT.md` 3. **Ideate (Generate Solutions)** * Brainstorm wide range of solutions for the HMW questions. * Techniques: Crazy 8s, SCAMPER, Worst Possible Idea. * Select top ideas based on Desirability, Viability, Feasibility. * *Output:* `docs/strategic/IDEATION_LOG.md` 4. **Prototype (Low-Fidelity)** * Describe key user flows (Text-based wireframes). * Generate Mermaid sequence or state diagrams for flows. * Concept validation before coding. 5. **Test (Validation)** * Define validation criteria for the prototype. * Examples: "User can complete flow X in < 3 clicks". ## Integration with SDD * The output of *Define* and *Prototype* feeds directly into `spec-writer.skill` (S01 Requirements). * *Design Thinking* finds the "Right Thing to Build". *SDD* ensures we "Build the Thing Right". ## Constraints * Do not jump to solution code. Stay in the problem space during Empathize/Define. * Focus on user *needs*, not just business requirements. ## Security & Guardrails ### 1. Skill Security (Design Thinking) - **Persona Data Privacy**: When creating "Empathy Maps" or "Personas", the agent must ensure that no real user identities, PII, or authentic customer support transcripts are explicitly included in the raw output. All personas must be heavily sanitized synthetic agglomerations. - **Ideation Artifact Control**: Ideation logs (`IDEATION_LOG.md`) often contain radical "Worst Possible Idea" concepts or unvetted, risky architectural bypasses. These artifacts must be clearly watermarked as `DRAFT/UNSAFE` to ensure other coding agents don't accidentally implement brainstormed vulnerabilities. ### 2. System Integration Security - **Adversarial Persona Injection**: During the "Empathize" phase, the agent must be required to generate at least one "Adversarial Persona" (e.g., "The Malicious Insider", "The Automated Botnet") to ensure that security and abuse cases are considered natively alongside happy-path user journeys. - **Prototype Scope Containment**: "Low-Fidelity Prototypes" generated by the agent must be strictly limited to structural representations (Mermaid, Markdown). The agent must not be allowed to auto-provision live cloud infrastructure or executable binaries under the guise of "rapid prototyping." ### 3. LLM & Agent Guardrails - **Empathy Bias Mitigation**: The LLM must be actively prompted to correct for representation bias during the Empathize phase, ensuring it does not default to designing exclusively for neurotypical, high-bandwidth, desktop users, ignoring accessibility and low-resource environments. - **Hostile POV Framing**: The agent must reject formulating Problem Statements (POV) that inherently demand a privacy-violating solution (e.g., rejecting "How Might We track the user's keystrokes across all non-company apps to improve their productivity?").