# Agent System & Skills Matrix

## Universal Squad Workflow (7 Steps)

```
Step 1: RESEARCH (all agents parallel)
  Read relevant files, load SKILL.md, WebSearch best practices
Step 2: INDIVIDUAL PLANS (written, not code)
  What found, what to change, why, risks, acceptance criteria
Step 3: TEAM LEAD PLAN REVIEW (gate)
  Reject insufficient research, resolve conflicts, approve with priority
Step 4: IMPLEMENTATION (parallel, file-isolated)
  Only approved changes, no overlaps
Step 5: DUAL REVIEW
  Agent 2 (Security) + Agent 5 (Quality) review ALL changes
Step 6: TEAM LEAD FINAL
  Read every file, run pnpm check + test + build
Step 7: DOCUMENT LEARNINGS
  Add to .claude/rules/remember.md
```

## Extended Specialist Pool

| Agent | Focus |
|-------|-------|
| Database Architect | Schema, SQL optimization |
| Test Engineer | Testing strategies |
| Debugger | Root cause analysis |
| Performance Optimizer | Core Web Vitals |
| SEO Specialist | Ranking, visibility |
| DevOps Engineer | CI/CD, Docker |
| AI Engineer | AI/ML, prompt engineering |
| Explorer Agent | Codebase analysis |
| Penetration Tester | Offensive security |

## Skills Decision Matrix

| Task Keywords | Load Skills |
|---------------|-------------|
| component, UI, page | `react-patterns`, `tailwind-patterns`, `frontend-design` |
| API, endpoint, tRPC | `api-patterns`, `nodejs-best-practices` |
| auth, login, session | `validatestrategy-auth`, `vulnerability-scanner` |
| payment, stripe, webhook | `validatestrategy-payment-flow`, `vulnerability-scanner` |
| analysis, pipeline, AI | `validatestrategy-analysis-pipeline`, `performance-profiling` |
| email, Resend, nurture | `validatestrategy-email-system` |
| admin, dashboard | `validatestrategy-admin-monitoring`, `react-patterns` |
| database, schema, Drizzle | `database-design` |
| test, spec, TDD | `testing-patterns`, `tdd-workflow`, `webapp-testing` |
| security, OWASP | `vulnerability-scanner`, `red-team-tactics` |
| SEO, meta, sitemap | `seo-fundamentals`, `bot-detection-seo` |
| render, prerender, SSR | `rendering-mastery`, `prerendering-infrastructure` |
| style, CSS, animation | `tailwind-patterns`, `frontend-design` |
| performance, Lighthouse | `performance-profiling`, `rendering-mastery` |
| deploy, CI/CD | `deployment-procedures`, `docker-expert` |
| debug, bug, error | `systematic-debugging`, `testing-patterns` |
| content, blog, MDX | `seo-content`, `seo-fundamentals` |

## Skill Combo Recipes

| Scenario | Skills |
|----------|--------|
| New Full-Stack Feature | `brainstorming` + `plan-writing` + `react-patterns` + `api-patterns` + `database-design` + `testing-patterns` + `vulnerability-scanner` |
| Security Audit | `vulnerability-scanner` + `red-team-tactics` + `code-review-checklist` |
| Performance Sprint | `performance-profiling` + `rendering-mastery` + `tailwind-patterns` |
| SEO Pipeline | `seo-fundamentals` + `seo-content` + `seo-schema` + `bot-detection-seo` |
| Bug Investigation | `systematic-debugging` + `testing-patterns` + domain skill |
| Auth Change | `validatestrategy-auth` + `vulnerability-scanner` + `red-team-tactics` |

## Project-Specific Skills (5 Critical)

| Skill | Domain | When |
|-------|--------|------|
| `validatestrategy-payment-flow` | Payments | Webhook, Stripe, PayPal, crypto |
| `validatestrategy-auth` | Auth | SIWE, magic link, JWT, nonces |
| `validatestrategy-analysis-pipeline` | AI Analysis | 6-part, state machine, prompts |
| `validatestrategy-email-system` | Email | Resend, nurture, rate limiting |
| `validatestrategy-admin-monitoring` | Admin | Event sourcing, circuit breaker |

## Mandatory Review Protocol
NEVER declare work complete without launching 3-4 parallel review agents to check:
1. Every changed file for logic errors
2. All intended changes are present
3. No contradictions between files
4. SEO/security/performance implications

## Agent Prompt Template
```
You are [ROLE]. Your mandate is [MANDATE].
Project Brief: [BRIEF]
Task: [SPECIFIC TASK]
Output: Clear sections, concrete recommendations, flag risks, list assumptions.
```