Skip to main content

50 Essential CODITECT CORE Workflows

50 Essential CODITECT-CORE Workflows

Version: 1.0.0 Last Updated: December 12, 2025 Purpose: Comprehensive workflow catalog for common development tasks

Table of Contents

1. Project Lifecycle

1. project-create

  • Description: Create a new project with complete structure, planning documents, and starter templates
  • Trigger: /new-project "description"
  • Complexity: moderate
  • Duration: 5-15m
  • QA Integration:
    • validation: required
    • review: recommended
  • Dependencies:
    • Agents: orchestrator, project-architect
    • Commands: /new-project, /build-project
  • Steps:
    1. Project initialization - orchestrator - Create directory structure and git repository
    2. Planning generation - project-architect - Generate project-plan.md and tasklist.md
    3. Template creation - project-architect - Create starter code templates for selected stack
    4. Dependency setup - orchestrator - Initialize package manager and install dependencies
    5. Validation gate - component-qa-validator - Verify project structure meets CODITECT standards
  • Tags: [initialization, setup, planning, scaffolding]

2. project-configure

  • Description: Configure existing project settings, environment variables, and build configuration
  • Trigger: /config-validate
  • Complexity: simple
  • Duration: 5-15m
  • QA Integration:
    • validation: required
    • review: optional
  • Dependencies:
    • Agents: devops-engineer, senior-architect
    • Commands: /config-validate
  • Steps:
    1. Current config analysis - devops-engineer - Review existing configuration files
    2. Environment setup - devops-engineer - Create/update .env templates and secret management
    3. Build configuration - senior-architect - Configure build tools (webpack, vite, etc.)
    4. Validation - component-qa-validator - Verify all required configs present and valid
  • Tags: [configuration, environment, setup]

3. project-maintain

  • Description: Routine project maintenance including dependency updates, security patches, and cleanup
  • Trigger: /dependency-audit
  • Complexity: moderate
  • Duration: 15-30m
  • QA Integration:
    • validation: required
    • review: recommended
  • Dependencies:
    • Agents: devops-engineer, security-specialist
    • Commands: /dependency-audit, /security-scan
  • Steps:
    1. Dependency audit - devops-engineer - Check for outdated dependencies and vulnerabilities
    2. Security scan - security-specialist - Run comprehensive security analysis
    3. Update strategy - devops-engineer - Plan safe update sequence avoiding breaking changes
    4. Update execution - devops-engineer - Apply updates with git checkpoints
    5. Testing - component-qa-validator - Run full test suite to verify stability
    6. Documentation - codi-documentation-writer - Update CHANGELOG.md
  • Tags: [maintenance, dependencies, security, updates]

4. project-migrate

  • Description: Migrate project to new framework, language, or architecture
  • Trigger: Task invocation with senior-architect
  • Complexity: complex
  • Duration: 30m+
  • QA Integration:
    • validation: required
    • review: required
  • Dependencies:
    • Agents: senior-architect, migration-specialist, orchestrator
    • Commands: /strategy, /implement
  • Steps:
    1. Migration planning - senior-architect - Analyze current state and target architecture
    2. Strategy document - senior-architect - Create ADR with migration approach and risks
    3. Incremental migration - migration-specialist - Break into phases with rollback points
    4. Implementation - orchestrator - Coordinate multi-agent execution
    5. Parallel testing - component-qa-validator - Run old and new systems side-by-side
    6. Review gate - component-qa-reviewer - Comprehensive review before cutover
    7. Cutover execution - devops-engineer - Execute migration with monitoring
  • Tags: [migration, architecture, refactoring, modernization]

5. project-archive

  • Description: Archive completed or deprecated project with full context preservation
  • Trigger: /checkpoint "Final archive"
  • Complexity: simple
  • Duration: 5-15m
  • QA Integration:
    • validation: recommended
    • review: optional
  • Dependencies:
    • Agents: codi-documentation-writer
    • Commands: /checkpoint, /context-save
  • Steps:
    1. Final checkpoint - orchestrator - Create comprehensive project checkpoint
    2. Documentation compilation - codi-documentation-writer - Generate archive README
    3. Context export - orchestrator - Save all session history and decisions
    4. Repository finalization - devops-engineer - Tag final version, update status badges
    5. Archive location - devops-engineer - Move to archive directory or mark archived
  • Tags: [archival, completion, preservation, documentation]

2. Developer Experience

6. session-start

  • Description: Start a new development session with context restoration and environment verification
  • Trigger: /orient or manual orientation
  • Complexity: simple
  • Duration: 1-5m
  • QA Integration:
    • validation: optional
    • review: none
  • Dependencies:
    • Agents: orchestrator
    • Commands: /orient, /context-restore, /cxq
  • Steps:
    1. Git status check - orchestrator - Review recent commits and branch status
    2. Context query - orchestrator - Load recent 200 messages from memory system
    3. Task review - orchestrator - Display pending tasks from tasklist.md
    4. Environment check - orchestrator - Verify dependencies and services running
  • Tags: [session, startup, context, orientation]

7. session-end

  • Description: End development session with checkpoint creation and context preservation
  • Trigger: /checkpoint "description"
  • Complexity: simple
  • Duration: 1-5m
  • QA Integration:
    • validation: optional
    • review: none
  • Dependencies:
    • Agents: orchestrator
    • Commands: /checkpoint, /context-save, /commit
  • Steps:
    1. Work summary - orchestrator - Summarize session accomplishments
    2. Checkpoint creation - orchestrator - Create session checkpoint
    3. Context save - orchestrator - Save session to memory system
    4. Git commit - orchestrator - Commit work with conventional format
    5. TASKLIST update - orchestrator - Update completed tasks
  • Tags: [session, checkpoint, preservation, commit]

8. quick-fix

  • Description: Rapid bug fix workflow with minimal overhead
  • Trigger: /debug or debugger agent
  • Complexity: simple
  • Duration: 5-15m
  • QA Integration:
    • validation: recommended
    • review: recommended
  • Dependencies:
    • Agents: debugger, testing-specialist
    • Commands: /debug, /run-tests
  • Steps:
    1. Issue reproduction - debugger - Confirm bug and create minimal reproduction
    2. Root cause - debugger - Identify root cause with stack trace analysis
    3. Fix implementation - debugger - Apply targeted fix
    4. Test creation - testing-specialist - Add regression test
    5. Validation - component-qa-validator - Run affected tests
    6. Quick review - component-qa-reviewer - Review fix for side effects
  • Tags: [bugfix, debugging, rapid, testing]

9. daily-standup

  • Description: Generate daily progress summary for standup meetings
  • Trigger: /cxq --today + manual summary
  • Complexity: simple
  • Duration: 1-5m
  • QA Integration:
    • validation: none
    • review: none
  • Dependencies:
    • Agents: orchestrator
    • Commands: /cxq
  • Steps:
    1. Today's activity - orchestrator - Query memory system for today's work
    2. Commit review - orchestrator - Analyze git commits from last 24 hours
    3. TASKLIST delta - orchestrator - Identify completed tasks
    4. Blocker identification - orchestrator - Flag any blockers or issues
    5. Summary generation - orchestrator - Format as standup report
  • Tags: [reporting, standup, summary, communication]

10. context-switch

  • Description: Switch between projects or features with context preservation
  • Trigger: /context-save then navigate to new work
  • Complexity: simple
  • Duration: 1-5m
  • QA Integration:
    • validation: optional
    • review: none
  • Dependencies:
    • Agents: orchestrator
    • Commands: /context-save, /context-restore, /create-worktree
  • Steps:
    1. Save current context - orchestrator - Checkpoint current work state
    2. Branch management - orchestrator - Commit/stash current changes
    3. Context load - orchestrator - Load new work context from memory
    4. Environment switch - orchestrator - Switch git branch or worktree
    5. Orientation - orchestrator - Display new context summary
  • Tags: [context, multitasking, workflow, efficiency]

3. Quality Assurance

11. test-driven-development

  • Description: TDD cycle: write test, implement feature, refactor
  • Trigger: /tdd-cycle
  • Complexity: moderate
  • Duration: 15-30m
  • QA Integration:
    • validation: required
    • review: recommended
  • Dependencies:
    • Agents: testing-specialist, component-qa-validator
    • Commands: /tdd-cycle, /run-tests
  • Steps:
    1. Test writing - testing-specialist - Write failing test for new feature
    2. Red phase - component-qa-validator - Verify test fails as expected
    3. Implementation - orchestrator - Implement minimal code to pass test
    4. Green phase - component-qa-validator - Verify test passes
    5. Refactoring - senior-architect - Improve code quality
    6. Regression check - component-qa-validator - Verify all tests still pass
  • Tags: [tdd, testing, development, quality]

12. code-quality-gate

  • Description: Comprehensive code quality validation before merge/deploy
  • Trigger: /full-review
  • Complexity: moderate
  • Duration: 15-30m
  • QA Integration:
    • validation: required
    • review: required
  • Dependencies:
    • Agents: code-reviewer, component-qa-validator, component-qa-reviewer
    • Commands: /full-review, /analyze
  • Steps:
    1. Static analysis - component-qa-validator - Lint, type check, complexity analysis
    2. Test coverage - testing-specialist - Verify coverage meets threshold (80%+)
    3. Security scan - security-specialist - Check for vulnerabilities
    4. Code review - component-qa-reviewer - Manual review for quality and patterns
    5. Performance check - application-performance - Profile for regressions
    6. Documentation check - codi-documentation-writer - Verify docs updated
  • Tags: [quality, validation, gates, review]

13. regression-testing

  • Description: Full regression test suite execution with failure analysis
  • Trigger: /run-tests
  • Complexity: simple
  • Duration: 5-15m
  • QA Integration:
    • validation: required
    • review: optional
  • Dependencies:
    • Agents: testing-specialist, component-qa-validator
    • Commands: /run-tests, /test-coverage
  • Steps:
    1. Test execution - testing-specialist - Run full test suite
    2. Failure analysis - debugger - Analyze any test failures
    3. Coverage report - testing-specialist - Generate coverage metrics
    4. Result validation - component-qa-validator - Verify results meet gates
    5. Report generation - testing-specialist - Create test report artifact
  • Tags: [testing, regression, validation, automation]

14. acceptance-testing

  • Description: User acceptance testing workflow with stakeholder validation
  • Trigger: Manual + e2e-testing agent
  • Complexity: complex
  • Duration: 30m+
  • QA Integration:
    • validation: required
    • review: required
  • Dependencies:
    • Agents: qa-automation, testing-specialist, component-qa-reviewer
    • Commands: /e2e-testing
  • Steps:
    1. Acceptance criteria - orchestrator - Review requirements and success criteria
    2. Test scenario creation - qa-automation - Create E2E test scenarios
    3. Test execution - qa-automation - Execute E2E tests in staging environment
    4. Manual validation - component-qa-reviewer - Stakeholder walkthrough
    5. Issue documentation - orchestrator - Document any acceptance issues
    6. Sign-off - component-qa-reviewer - Formal acceptance approval
  • Tags: [acceptance, e2e, validation, stakeholder]

15. quality-metrics-dashboard

  • Description: Generate comprehensive quality metrics dashboard
  • Trigger: Task invocation with qa-automation
  • Complexity: simple
  • Duration: 5-15m
  • QA Integration:
    • validation: optional
    • review: none
  • Dependencies:
    • Agents: qa-automation, testing-specialist
    • Commands: /test-coverage, /analyze
  • Steps:
    1. Test metrics - testing-specialist - Collect test count, coverage, pass rate
    2. Code metrics - component-qa-validator - Collect complexity, duplication, violations
    3. Security metrics - security-specialist - Collect vulnerability counts
    4. Performance metrics - application-performance - Collect performance benchmarks
    5. Dashboard generation - orchestrator - Compile into visual dashboard
  • Tags: [metrics, dashboard, quality, reporting]

4. DevOps

16. continuous-integration

  • Description: Set up or update CI pipeline for automated testing and validation
  • Trigger: Task invocation with cicd-automation agent
  • Complexity: moderate
  • Duration: 15-30m
  • QA Integration:
    • validation: required
    • review: recommended
  • Dependencies:
    • Agents: cicd-automation, devops-engineer
    • Commands: /ci-cd-pipeline
  • Steps:
    1. Pipeline design - devops-engineer - Define CI stages and jobs
    2. Configuration creation - cicd-automation - Create GitHub Actions/GitLab CI config
    3. Test integration - testing-specialist - Integrate test suite into pipeline
    4. Quality gates - component-qa-validator - Add linting, coverage checks
    5. Validation - component-qa-validator - Test pipeline with sample PR
    6. Documentation - codi-documentation-writer - Document pipeline behavior
  • Tags: [ci, automation, testing, pipeline]

17. continuous-deployment

  • Description: Automated deployment pipeline to staging and production
  • Trigger: Task invocation with cicd-automation agent
  • Complexity: complex
  • Duration: 30m+
  • QA Integration:
    • validation: required
    • review: required
  • Dependencies:
    • Agents: cicd-automation, devops-engineer, cloud-architect
    • Commands: /build-deploy-workflow
  • Steps:
    1. Environment configuration - cloud-architect - Define staging/production configs
    2. Deployment strategy - devops-engineer - Define blue/green or rolling deployment
    3. Pipeline creation - cicd-automation - Create CD workflow
    4. Secret management - security-specialist - Configure secret injection
    5. Rollback mechanism - devops-engineer - Implement automatic rollback
    6. Monitoring - devops-engineer - Add deployment monitoring
    7. Validation - component-qa-validator - Test deployment to staging
  • Tags: [cd, deployment, automation, production]

18. infrastructure-provisioning

  • Description: Provision cloud infrastructure using IaC (Terraform, CloudFormation)
  • Trigger: Task invocation with cloud-architect
  • Complexity: complex
  • Duration: 30m+
  • QA Integration:
    • validation: required
    • review: required
  • Dependencies:
    • Agents: cloud-architect, devops-engineer, security-specialist
    • Commands: /terraform-patterns
  • Steps:
    1. Infrastructure design - cloud-architect - Design architecture diagram
    2. IaC creation - cloud-architect - Write Terraform/CloudFormation templates
    3. Security hardening - security-specialist - Apply security best practices
    4. State management - devops-engineer - Configure remote state backend
    5. Environment separation - cloud-architect - Create dev/staging/prod configs
    6. Validation - component-qa-validator - Validate templates and plan output
    7. Documentation - codi-documentation-writer - Document infrastructure setup
  • Tags: [infrastructure, iac, terraform, cloud]

19. deployment-rollback

  • Description: Rollback failed deployment to previous stable version
  • Trigger: Manual invocation + devops-engineer
  • Complexity: moderate
  • Duration: 5-15m
  • QA Integration:
    • validation: required
    • review: recommended
  • Dependencies:
    • Agents: devops-engineer, orchestrator
    • Commands: /deployment-archeology
  • Steps:
    1. Incident detection - devops-engineer - Confirm deployment failure and impact
    2. Previous version identification - devops-engineer - Find last stable deployment
    3. Rollback execution - devops-engineer - Execute rollback procedure
    4. Validation - component-qa-validator - Verify rollback successful
    5. Post-mortem - orchestrator - Document failure and rollback
  • Tags: [rollback, incident, recovery, devops]

20. monitoring-setup

  • Description: Set up application monitoring, logging, and alerting
  • Trigger: /monitor-setup
  • Complexity: complex
  • Duration: 30m+
  • QA Integration:
    • validation: required
    • review: recommended
  • Dependencies:
    • Agents: devops-engineer, cloud-architect
    • Commands: /monitor-setup
  • Steps:
    1. Monitoring design - cloud-architect - Choose monitoring stack (Prometheus, Datadog, etc.)
    2. Metrics instrumentation - devops-engineer - Add metrics to application code
    3. Logging setup - devops-engineer - Configure structured logging
    4. Dashboard creation - devops-engineer - Create monitoring dashboards
    5. Alert configuration - devops-engineer - Define alert rules and thresholds
    6. Validation - component-qa-validator - Test alerts and dashboards
  • Tags: [monitoring, observability, logging, alerts]

5. Documentation

21. api-documentation-generation

  • Description: Generate comprehensive API documentation from code
  • Trigger: /doc-generate
  • Complexity: moderate
  • Duration: 15-30m
  • QA Integration:
    • validation: recommended
    • review: recommended
  • Dependencies:
    • Agents: codi-documentation-writer, backend-architect
    • Commands: /doc-generate, /api-documentation
  • Steps:
    1. API scanning - codi-documentation-writer - Extract routes and handlers
    2. OpenAPI generation - backend-architect - Generate OpenAPI/Swagger spec
    3. Example creation - codi-documentation-writer - Add request/response examples
    4. Documentation site - codi-documentation-writer - Generate docs site (Redoc, Swagger UI)
    5. Validation - component-qa-validator - Verify docs match implementation
    6. Review - component-qa-reviewer - Review for clarity and completeness
  • Tags: [documentation, api, openapi, swagger]

22. changelog-update

  • Description: Update CHANGELOG.md with recent changes following Keep a Changelog format
  • Trigger: /changelog-automation
  • Complexity: simple
  • Duration: 5-15m
  • QA Integration:
    • validation: optional
    • review: optional
  • Dependencies:
    • Agents: codi-documentation-writer
    • Commands: /changelog-automation
  • Steps:
    1. Git log analysis - codi-documentation-writer - Parse commits since last release
    2. Change categorization - codi-documentation-writer - Group into Added/Changed/Fixed/etc.
    3. CHANGELOG update - codi-documentation-writer - Add new version section
    4. Version bumping - devops-engineer - Update package.json/version files
    5. Validation - component-qa-validator - Verify format follows Keep a Changelog
  • Tags: [changelog, documentation, versioning, release]

23. readme-maintenance

  • Description: Create or update project README with current information
  • Trigger: Task invocation with codi-documentation-writer
  • Complexity: simple
  • Duration: 5-15m
  • QA Integration:
    • validation: optional
    • review: recommended
  • Dependencies:
    • Agents: codi-documentation-writer
    • Commands: /document
  • Steps:
    1. Content audit - codi-documentation-writer - Review current README
    2. Structure update - codi-documentation-writer - Ensure standard sections present
    3. Installation instructions - codi-documentation-writer - Update setup steps
    4. Usage examples - codi-documentation-writer - Add/update code examples
    5. Badge updates - codi-documentation-writer - Update status badges
    6. Review - component-qa-reviewer - Verify accuracy and clarity
  • Tags: [readme, documentation, onboarding]

24. architecture-documentation

  • Description: Generate architecture documentation with C4 diagrams and ADRs
  • Trigger: /c4-methodology-skill or /strategy
  • Complexity: complex
  • Duration: 30m+
  • QA Integration:
    • validation: recommended
    • review: required
  • Dependencies:
    • Agents: senior-architect, codi-documentation-writer
    • Commands: /c4-methodology-skill, /strategy
  • Steps:
    1. Architecture analysis - senior-architect - Understand system architecture
    2. C4 diagram creation - senior-architect - Create Context, Container, Component diagrams
    3. ADR creation - senior-architect - Document key architecture decisions
    4. Documentation writing - codi-documentation-writer - Write architecture overview
    5. Diagram generation - senior-architect - Generate diagrams as code (Mermaid, PlantUML)
    6. Review - component-qa-reviewer - Architecture review for accuracy
  • Tags: [architecture, c4, adr, diagrams]

25. documentation-audit

  • Description: Comprehensive documentation quality audit with gap identification
  • Trigger: /lint-docs
  • Complexity: moderate
  • Duration: 15-30m
  • QA Integration:
    • validation: required
    • review: optional
  • Dependencies:
    • Agents: codi-documentation-writer, component-qa-validator
    • Commands: /lint-docs
  • Steps:
    1. Documentation inventory - codi-documentation-writer - List all documentation files
    2. Quality checks - component-qa-validator - Run markdownlint, link checker
    3. Coverage analysis - codi-documentation-writer - Identify undocumented features
    4. Accuracy verification - component-qa-validator - Verify docs match code
    5. Issue reporting - orchestrator - Generate audit report with issues
    6. Remediation plan - codi-documentation-writer - Prioritize documentation improvements
  • Tags: [documentation, audit, quality, validation]

6. Collaboration

26. pull-request-creation

  • Description: Create pull request with comprehensive description and change analysis
  • Trigger: /describe-pr
  • Complexity: simple
  • Duration: 5-15m
  • QA Integration:
    • validation: recommended
    • review: optional
  • Dependencies:
    • Agents: orchestrator
    • Commands: /describe-pr, /commit
  • Steps:
    1. Change analysis - orchestrator - Analyze git diff and commit history
    2. Description generation - orchestrator - Generate PR description from template
    3. Test plan - testing-specialist - Document test coverage
    4. PR creation - orchestrator - Create PR via GitHub CLI
    5. Reviewer assignment - orchestrator - Suggest reviewers based on changed files
  • Tags: [pr, collaboration, git, review]

27. code-review-request

  • Description: Request code review with AI pre-review for common issues
  • Trigger: /ai-review
  • Complexity: moderate
  • Duration: 15-30m
  • QA Integration:
    • validation: required
    • review: required
  • Dependencies:
    • Agents: code-reviewer, component-qa-reviewer
    • Commands: /ai-review, /full-review
  • Steps:
    1. Pre-review - code-reviewer - AI review for common issues
    2. Issue fixing - orchestrator - Fix automated issues before human review
    3. Review request - orchestrator - Tag human reviewers
    4. Review facilitation - component-qa-reviewer - Provide review checklist
    5. Feedback incorporation - orchestrator - Track review comments
  • Tags: [review, collaboration, quality, pr]

28. code-review-response

  • Description: Address code review feedback and update PR
  • Trigger: Manual + orchestrator coordination
  • Complexity: moderate
  • Duration: 15-30m
  • QA Integration:
    • validation: recommended
    • review: recommended
  • Dependencies:
    • Agents: orchestrator, code-reviewer
    • Commands: /commit
  • Steps:
    1. Feedback analysis - orchestrator - Parse review comments
    2. Change implementation - orchestrator - Apply requested changes
    3. Re-review flagging - orchestrator - Comment on addressed items
    4. Re-validation - component-qa-validator - Verify changes don't break tests
    5. Update notification - orchestrator - Notify reviewers of updates
  • Tags: [review, collaboration, feedback, iteration]

29. handoff-creation

  • Description: Create comprehensive handoff document for session continuity
  • Trigger: /create-handoff
  • Complexity: simple
  • Duration: 5-15m
  • QA Integration:
    • validation: optional
    • review: none
  • Dependencies:
    • Agents: orchestrator
    • Commands: /create-handoff, /context-save
  • Steps:
    1. Session summary - orchestrator - Summarize work completed
    2. Context capture - orchestrator - Save current state and decisions
    3. Next steps - orchestrator - Document pending work and blockers
    4. Handoff document - orchestrator - Generate structured handoff
    5. Context export - orchestrator - Save to memory system
  • Tags: [handoff, collaboration, context, continuity]

30. handoff-resume

  • Description: Resume work from handoff document with context restoration
  • Trigger: /resume-handoff
  • Complexity: simple
  • Duration: 5-15m
  • QA Integration:
    • validation: optional
    • review: none
  • Dependencies:
    • Agents: orchestrator
    • Commands: /resume-handoff, /context-restore
  • Steps:
    1. Handoff loading - orchestrator - Load handoff document
    2. Context restoration - orchestrator - Restore session state
    3. Work summary - orchestrator - Display previous work and next steps
    4. Environment verification - orchestrator - Verify dependencies and services
    5. Continuation - orchestrator - Resume work from documented state
  • Tags: [handoff, collaboration, context, continuity]

7. Security

31. security-vulnerability-scan

  • Description: Comprehensive security scan for vulnerabilities and misconfigurations
  • Trigger: /security-scan
  • Complexity: moderate
  • Duration: 15-30m
  • QA Integration:
    • validation: required
    • review: recommended
  • Dependencies:
    • Agents: security-specialist, component-qa-validator
    • Commands: /security-scan, /security-sast
  • Steps:
    1. SAST analysis - security-specialist - Static code analysis for vulnerabilities
    2. Dependency scan - security-specialist - Check dependencies for CVEs
    3. Secret detection - security-specialist - Scan for exposed secrets
    4. Configuration audit - security-specialist - Check security misconfigurations
    5. Report generation - security-specialist - Generate vulnerability report
    6. Validation - component-qa-validator - Verify scan completeness
  • Tags: [security, scanning, vulnerabilities, audit]

32. security-fix-implementation

  • Description: Fix identified security vulnerabilities with validation
  • Trigger: Task invocation after security scan
  • Complexity: moderate
  • Duration: 15-30m
  • QA Integration:
    • validation: required
    • review: required
  • Dependencies:
    • Agents: security-specialist, component-qa-validator, component-qa-reviewer
    • Commands: /security-hardening
  • Steps:
    1. Vulnerability analysis - security-specialist - Understand exploit and impact
    2. Fix implementation - security-specialist - Apply secure code patterns
    3. Test creation - testing-specialist - Add security test to prevent regression
    4. Validation - component-qa-validator - Verify vulnerability fixed
    5. Review - component-qa-reviewer - Security review of fix
    6. Documentation - security-specialist - Document fix in security advisory
  • Tags: [security, vulnerability, fix, hardening]

33. secrets-management

  • Description: Audit and secure secrets and credentials
  • Trigger: /secrets-detection
  • Complexity: moderate
  • Duration: 15-30m
  • QA Integration:
    • validation: required
    • review: recommended
  • Dependencies:
    • Agents: security-specialist, devops-engineer
    • Commands: /secrets-detection
  • Steps:
    1. Secret detection - security-specialist - Scan code and git history for secrets
    2. Secret rotation - security-specialist - Rotate any exposed secrets
    3. Secret manager setup - devops-engineer - Configure secret management system
    4. Code remediation - security-specialist - Replace hardcoded secrets with references
    5. Validation - component-qa-validator - Verify no secrets in code
    6. Documentation - security-specialist - Document secret management process
  • Tags: [security, secrets, credentials, compliance]

34. compliance-audit

  • Description: Security compliance audit against standards (OWASP, SOC2, etc.)
  • Trigger: Task invocation with security-specialist
  • Complexity: complex
  • Duration: 30m+
  • QA Integration:
    • validation: required
    • review: required
  • Dependencies:
    • Agents: security-specialist, compliance-specialist, component-qa-reviewer
    • Commands: /security-audit
  • Steps:
    1. Standard selection - compliance-specialist - Choose applicable standards
    2. Control mapping - compliance-specialist - Map code to compliance controls
    3. Gap analysis - security-specialist - Identify compliance gaps
    4. Evidence collection - compliance-specialist - Gather compliance evidence
    5. Report generation - compliance-specialist - Generate audit report
    6. Remediation plan - security-specialist - Plan gap remediation
    7. Review - component-qa-reviewer - Executive review of findings
  • Tags: [security, compliance, audit, standards]

35. penetration-testing

  • Description: Automated penetration testing and security validation
  • Trigger: Task invocation with security-specialist
  • Complexity: complex
  • Duration: 30m+
  • QA Integration:
    • validation: required
    • review: required
  • Dependencies:
    • Agents: security-specialist, qa-automation
    • Commands: /security-scan
  • Steps:
    1. Test planning - security-specialist - Define attack scenarios
    2. Automated testing - qa-automation - Run automated security tests (OWASP ZAP, etc.)
    3. Manual testing - security-specialist - Manual penetration testing
    4. Exploit documentation - security-specialist - Document successful exploits
    5. Fix implementation - security-specialist - Fix vulnerabilities
    6. Validation - component-qa-validator - Verify fixes prevent exploits
    7. Report - security-specialist - Generate penetration test report
  • Tags: [security, penetration-testing, validation, exploitation]

8. Performance

36. performance-profiling

  • Description: Profile application performance and identify bottlenecks
  • Trigger: /perf-profile
  • Complexity: moderate
  • Duration: 15-30m
  • QA Integration:
    • validation: recommended
    • review: optional
  • Dependencies:
    • Agents: application-performance, component-qa-validator
    • Commands: /perf-profile
  • Steps:
    1. Profiling setup - application-performance - Configure profiling tools
    2. Baseline capture - application-performance - Capture current performance metrics
    3. Profiling execution - application-performance - Run CPU, memory, I/O profiling
    4. Bottleneck identification - application-performance - Analyze flame graphs and traces
    5. Report generation - application-performance - Generate performance report
    6. Validation - component-qa-validator - Verify profiling data accuracy
  • Tags: [performance, profiling, optimization, analysis]

37. load-testing

  • Description: Execute load tests to validate performance under stress
  • Trigger: /load-testing
  • Complexity: complex
  • Duration: 30m+
  • QA Integration:
    • validation: required
    • review: recommended
  • Dependencies:
    • Agents: application-performance, qa-automation
    • Commands: /load-testing
  • Steps:
    1. Test scenario design - qa-automation - Define load test scenarios
    2. Tool configuration - application-performance - Configure k6, Artillery, or Locust
    3. Test execution - qa-automation - Execute load tests
    4. Metric collection - application-performance - Collect response times, throughput, errors
    5. Threshold validation - component-qa-validator - Verify SLO compliance
    6. Report generation - application-performance - Generate load test report
    7. Review - component-qa-reviewer - Review results and recommendations
  • Tags: [performance, load-testing, stress, validation]

38. performance-optimization

  • Description: Optimize application performance based on profiling results
  • Trigger: /optimize
  • Complexity: complex
  • Duration: 30m+
  • QA Integration:
    • validation: required
    • review: required
  • Dependencies:
    • Agents: application-performance, senior-architect, component-qa-validator
    • Commands: /optimize, /optimization-patterns
  • Steps:
    1. Optimization planning - application-performance - Prioritize optimizations by impact
    2. Implementation - senior-architect - Apply optimization patterns
    3. Benchmarking - application-performance - Measure before/after performance
    4. Validation - component-qa-validator - Verify optimizations don't break functionality
    5. Review - component-qa-reviewer - Review optimization quality
    6. Documentation - codi-documentation-writer - Document optimizations and results
  • Tags: [performance, optimization, improvement, benchmarking]

39. database-optimization

  • Description: Optimize database queries and schema for performance
  • Trigger: Task invocation with database-architect
  • Complexity: complex
  • Duration: 30m+
  • QA Integration:
    • validation: required
    • review: required
  • Dependencies:
    • Agents: database-architect, application-performance, component-qa-validator
    • Commands: /query-optimization, /db-performance-analyzer
  • Steps:
    1. Query analysis - database-architect - Analyze slow queries with EXPLAIN
    2. Index optimization - database-architect - Design optimal indexes
    3. Schema optimization - database-architect - Normalize/denormalize as needed
    4. Query rewriting - database-architect - Optimize query structure
    5. Benchmarking - application-performance - Measure query performance improvement
    6. Validation - component-qa-validator - Verify data integrity maintained
    7. Review - component-qa-reviewer - Review optimization strategy
  • Tags: [performance, database, optimization, queries]

40. caching-strategy

  • Description: Implement caching strategy for performance improvement
  • Trigger: Task invocation with senior-architect
  • Complexity: complex
  • Duration: 30m+
  • QA Integration:
    • validation: required
    • review: required
  • Dependencies:
    • Agents: senior-architect, application-performance, component-qa-validator
    • Commands: /optimization-patterns
  • Steps:
    1. Cache analysis - senior-architect - Identify cacheable data and access patterns
    2. Strategy design - senior-architect - Choose caching layers (Redis, CDN, browser)
    3. Implementation - senior-architect - Implement caching with invalidation logic
    4. Cache warming - devops-engineer - Implement cache warming strategy
    5. Benchmarking - application-performance - Measure cache hit rates and performance
    6. Validation - component-qa-validator - Verify cache invalidation works correctly
    7. Review - component-qa-reviewer - Review caching strategy
  • Tags: [performance, caching, optimization, architecture]

9. Memory Context

41. context-export

  • Description: Export session context for preservation and sharing
  • Trigger: /cx or /cxs
  • Complexity: simple
  • Duration: 1-5m
  • QA Integration:
    • validation: optional
    • review: none
  • Dependencies:
    • Agents: orchestrator
    • Commands: /cx, /cxs, /cxq
  • Steps:
    1. Session export - orchestrator - Export current session
    2. Deduplication - orchestrator - Remove duplicate messages
    3. Context compilation - orchestrator - Compile into unified format
    4. Archive storage - orchestrator - Store in context-storage/
    5. SQLite indexing - orchestrator - Index for fast queries
  • Tags: [context, export, preservation, memory]

42. context-import

  • Description: Import and restore context from previous session
  • Trigger: /context-restore
  • Complexity: simple
  • Duration: 1-5m
  • QA Integration:
    • validation: optional
    • review: none
  • Dependencies:
    • Agents: orchestrator
    • Commands: /context-restore
  • Steps:
    1. Context selection - orchestrator - Choose context file to restore
    2. Loading - orchestrator - Load context into memory system
    3. Validation - orchestrator - Verify context integrity
    4. Summary - orchestrator - Display restored context summary
    5. Orientation - orchestrator - Orient user to restored state
  • Tags: [context, import, restoration, memory]
  • Description: Search knowledge base for decisions, patterns, and solutions
  • Trigger: /cxq --recall "topic"
  • Complexity: simple
  • Duration: 1-5m
  • QA Integration:
    • validation: none
    • review: none
  • Dependencies:
    • Agents: orchestrator
    • Commands: /cxq
  • Steps:
    1. Query formulation - orchestrator - Parse search query
    2. Search execution - orchestrator - Search memory system
    3. Result ranking - orchestrator - Rank by relevance
    4. Context extraction - orchestrator - Extract relevant context
    5. Display - orchestrator - Present results with links
  • Tags: [knowledge, search, memory, recall]

44. decision-log

  • Description: Log and track important project decisions
  • Trigger: /cxq --decisions or manual logging
  • Complexity: simple
  • Duration: 1-5m
  • QA Integration:
    • validation: optional
    • review: none
  • Dependencies:
    • Agents: orchestrator
    • Commands: /cxq, /cx
  • Steps:
    1. Decision capture - orchestrator - Record decision with context
    2. Rationale documentation - orchestrator - Document reasoning
    3. Memory storage - orchestrator - Save to memory system
    4. Tagging - orchestrator - Tag with relevant labels
    5. Indexing - orchestrator - Index for future retrieval
  • Tags: [decisions, logging, memory, tracking]

45. session-analysis

  • Description: Analyze large JSONL session files with intelligent chunking
  • Trigger: /process-jsonl-sessions
  • Complexity: moderate
  • Duration: 15-30m
  • QA Integration:
    • validation: optional
    • review: none
  • Dependencies:
    • Agents: orchestrator
    • Commands: /process-jsonl-sessions
  • Steps:
    1. File discovery - orchestrator - Find JSONL session files
    2. Size analysis - orchestrator - Analyze file sizes and complexity
    3. Chunking strategy - orchestrator - Determine optimal chunking
    4. Processing - orchestrator - Process with smart boundary splitting
    5. Deduplication - orchestrator - Remove duplicate messages
    6. Archive - orchestrator - Store processed sessions
  • Tags: [sessions, analysis, jsonl, processing]

10. Innovation

46. rapid-prototype

  • Description: Quickly build proof-of-concept to validate idea
  • Trigger: /prototype
  • Complexity: moderate
  • Duration: 15-30m
  • QA Integration:
    • validation: optional
    • review: optional
  • Dependencies:
    • Agents: orchestrator, senior-architect
    • Commands: /prototype
  • Steps:
    1. Idea clarification - orchestrator - Define MVP scope
    2. Technology selection - senior-architect - Choose rapid prototyping stack
    3. Rapid implementation - orchestrator - Build core functionality
    4. Demo creation - orchestrator - Create working demo
    5. Validation - orchestrator - Test core hypothesis
    6. Documentation - codi-documentation-writer - Document learnings
  • Tags: [prototype, innovation, mvp, rapid]

47. spike-investigation

  • Description: Technical spike to investigate unknown or risky approach
  • Trigger: /research
  • Complexity: moderate
  • Duration: 15-30m
  • QA Integration:
    • validation: optional
    • review: recommended
  • Dependencies:
    • Agents: research-agent, senior-architect
    • Commands: /research
  • Steps:
    1. Spike definition - orchestrator - Define investigation goals and time box
    2. Research - research-agent - Research technology or approach
    3. Experimentation - senior-architect - Build throwaway code to test
    4. Findings documentation - orchestrator - Document findings and recommendations
    5. Decision - orchestrator - Make go/no-go decision
    6. Review - component-qa-reviewer - Review findings and recommendation
  • Tags: [spike, research, investigation, experimentation]

48. proof-of-concept

  • Description: Full proof-of-concept with validation against success criteria
  • Trigger: Task invocation with orchestrator
  • Complexity: complex
  • Duration: 30m+
  • QA Integration:
    • validation: recommended
    • review: required
  • Dependencies:
    • Agents: orchestrator, senior-architect, component-qa-reviewer
    • Commands: /prototype, /validate-plan
  • Steps:
    1. Success criteria - orchestrator - Define measurable success criteria
    2. POC planning - senior-architect - Design POC architecture
    3. Implementation - orchestrator - Build POC with minimal features
    4. Validation testing - component-qa-validator - Test against success criteria
    5. Stakeholder demo - orchestrator - Present to stakeholders
    6. Review - component-qa-reviewer - Evaluate POC results
    7. Decision - orchestrator - Decide on production implementation
  • Tags: [poc, validation, innovation, stakeholder]

49. technology-evaluation

  • Description: Evaluate new technology or framework for adoption
  • Trigger: /research + /strategy
  • Complexity: complex
  • Duration: 30m+
  • QA Integration:
    • validation: recommended
    • review: required
  • Dependencies:
    • Agents: research-agent, senior-architect, component-qa-reviewer
    • Commands: /research, /strategy
  • Steps:
    1. Requirements analysis - orchestrator - Define evaluation criteria
    2. Technology research - research-agent - Research options and compare
    3. Spike implementation - senior-architect - Build small spike with each option
    4. Evaluation - senior-architect - Score against criteria
    5. ADR creation - senior-architect - Document decision
    6. Review - component-qa-reviewer - Review recommendation
    7. Approval - orchestrator - Get stakeholder approval
  • Tags: [evaluation, technology, research, decision]

50. experiment-tracking

  • Description: Track experiments with hypotheses, results, and learnings
  • Trigger: Manual tracking + orchestrator
  • Complexity: simple
  • Duration: 5-15m
  • QA Integration:
    • validation: optional
    • review: optional
  • Dependencies:
    • Agents: orchestrator, codi-documentation-writer
    • Commands: /cx
  • Steps:
    1. Hypothesis definition - orchestrator - Define testable hypothesis
    2. Experiment design - orchestrator - Design experiment methodology
    3. Execution tracking - orchestrator - Track experiment progress
    4. Result documentation - codi-documentation-writer - Document results
    5. Learning extraction - orchestrator - Extract key learnings
    6. Knowledge storage - orchestrator - Store in memory system
  • Tags: [experiments, tracking, learning, innovation]

Workflow Usage Guidelines

Selecting the Right Workflow

  1. Identify your goal - What are you trying to accomplish?
  2. Find the category - Which of the 10 categories fits best?
  3. Choose the workflow - Select the most specific workflow for your task
  4. Customize - Adapt the workflow to your specific needs

Chaining Workflows

Many tasks require multiple workflows in sequence:

Example: New Feature Development

  1. project-lifecycle/project-configure - Configure feature flags
  2. collaboration/code-review-request - Get design review
  3. quality-assurance/test-driven-development - Implement with TDD
  4. quality-assurance/code-quality-gate - Validate quality
  5. collaboration/pull-request-creation - Create PR
  6. devops/continuous-integration - Ensure CI passes
  7. documentation/changelog-update - Update changelog

QA Integration Patterns

Validation Requirements:

  • Required - Workflow cannot proceed without validation pass
  • Recommended - Validation should be performed but can be skipped with justification
  • Optional - Validation available but not necessary for workflow completion

Review Requirements:

  • Required - Manual review gate before completion
  • Recommended - Review improves quality but not blocking
  • Optional - Review available if desired
  • None - No review needed for this workflow

Extending This Catalog

Adding New Workflows

  1. Identify gap - Find common task not covered
  2. Define workflow - Use the template structure
  3. Integrate QA - Determine validation and review requirements
  4. Test workflow - Execute and refine
  5. Document - Add to appropriate category

Workflow Template

### N. workflow-name

- **Description:** [50-200 chars]
- **Trigger:** /command or manual
- **Complexity:** simple | moderate | complex
- **Duration:** 1-5m | 5-15m | 15-30m | 30m+
- **QA Integration:**
  - validation: required/recommended/optional/none
  - review: required/recommended/optional/none
- **Dependencies:**
  - Agents: [list]
  - Commands: [list]
- **Steps:**
  1. [Step] - [component] - [purpose]
  ...
- **Tags:** [tag1, tag2, tag3]

Appendix: Component Reference

Key Agents Used

  • orchestrator - Multi-agent coordination and workflow management
  • component-qa-validator - Automated quality validation
  • component-qa-reviewer - Manual quality review and approval
  • senior-architect - Architecture and design decisions
  • testing-specialist - Testing strategy and implementation
  • security-specialist - Security analysis and hardening
  • devops-engineer - CI/CD and infrastructure
  • codi-documentation-writer - Documentation generation

Key Commands

  • /new-project - Project creation
  • /run-tests - Test execution
  • /checkpoint - Session checkpointing
  • /context-save - Context preservation
  • /context-restore - Context restoration
  • /security-scan - Security scanning
  • /perf-profile - Performance profiling
  • /full-review - Comprehensive code review

See COMPONENT-REFERENCE.md for complete inventory.

Last Updated: December 12, 2025 Framework: CODITECT v1.7.2 Maintainer: CODITECT Framework Team