50 Essential CODITECT-CORE Workflows

Version: 1.0.0 Last Updated: December 12, 2025 Purpose: Comprehensive workflow catalog for common development tasks

---

Table of Contents

• Project Lifecycle
• Developer Experience
• Quality Assurance
• DevOps
• Documentation
• Collaboration
• Security
• Performance
• Memory Context
• Innovation

---

1. Project Lifecycle

1. project-create

• Description: Create a new project with complete structure, planning documents, and starter templates
• Trigger: /new-project "description"
• Complexity: moderate
• Duration: 5-15m
• QA Integration:
  • validation: required
  • review: recommended
• Dependencies:
  • Agents: orchestrator, project-architect
  • Commands: /new-project, /build-project
• Steps:
  1. Project initialization - orchestrator - Create directory structure and git repository
  2. Planning generation - project-architect - Generate PROJECT-PLAN.md and TASKLIST.md
  3. Template creation - project-architect - Create starter code templates for selected stack
  4. Dependency setup - orchestrator - Initialize package manager and install dependencies
  5. Validation gate - component-qa-validator - Verify project structure meets CODITECT standards
• Tags: [initialization, setup, planning, scaffolding]

---

2. project-configure

• Description: Configure existing project settings, environment variables, and build configuration
• Trigger: /config-validate
• Complexity: simple
• Duration: 5-15m
• QA Integration:
  • validation: required
  • review: optional
• Dependencies:
  • Agents: devops-engineer, senior-architect
  • Commands: /config-validate
• Steps:
  1. Current config analysis - devops-engineer - Review existing configuration files
  2. Environment setup - devops-engineer - Create/update .env templates and secret management
  3. Build configuration - senior-architect - Configure build tools (webpack, vite, etc.)
  4. Validation - component-qa-validator - Verify all required configs present and valid
• Tags: [configuration, environment, setup]

---

3. project-maintain

• Description: Routine project maintenance including dependency updates, security patches, and cleanup
• Trigger: /dependency-audit
• Complexity: moderate
• Duration: 15-30m
• QA Integration:
  • validation: required
  • review: recommended
• Dependencies:
  • Agents: devops-engineer, security-specialist
  • Commands: /dependency-audit, /security-scan
• Steps:
  1. Dependency audit - devops-engineer - Check for outdated dependencies and vulnerabilities
  2. Security scan - security-specialist - Run comprehensive security analysis
  3. Update strategy - devops-engineer - Plan safe update sequence avoiding breaking changes
  4. Update execution - devops-engineer - Apply updates with git checkpoints
  5. Testing - component-qa-validator - Run full test suite to verify stability
  6. Documentation - codi-documentation-writer - Update CHANGELOG.md
• Tags: [maintenance, dependencies, security, updates]

---

4. project-migrate

• Description: Migrate project to new framework, language, or architecture
• Trigger: Task invocation with senior-architect
• Complexity: complex
• Duration: 30m+
• QA Integration:
  • validation: required
  • review: required
• Dependencies:
  • Agents: senior-architect, migration-specialist, orchestrator
  • Commands: /strategy, /implement
• Steps:
  1. Migration planning - senior-architect - Analyze current state and target architecture
  2. Strategy document - senior-architect - Create ADR with migration approach and risks
  3. Incremental migration - migration-specialist - Break into phases with rollback points
  4. Implementation - orchestrator - Coordinate multi-agent execution
  5. Parallel testing - component-qa-validator - Run old and new systems side-by-side
  6. Review gate - component-qa-reviewer - Comprehensive review before cutover
  7. Cutover execution - devops-engineer - Execute migration with monitoring
• Tags: [migration, architecture, refactoring, modernization]

---

5. project-archive

• Description: Archive completed or deprecated project with full context preservation
• Trigger: /checkpoint "Final archive"
• Complexity: simple
• Duration: 5-15m
• QA Integration:
  • validation: recommended
  • review: optional
• Dependencies:
  • Agents: codi-documentation-writer
  • Commands: /checkpoint, /context-save
• Steps:
  1. Final checkpoint - orchestrator - Create comprehensive project checkpoint
  2. Documentation compilation - codi-documentation-writer - Generate archive README
  3. Context export - orchestrator - Save all session history and decisions
  4. Repository finalization - devops-engineer - Tag final version, update status badges
  5. Archive location - devops-engineer - Move to archive directory or mark archived
• Tags: [archival, completion, preservation, documentation]

---

2. Developer Experience

6. session-start

• Description: Start a new development session with context restoration and environment verification
• Trigger: /orient or manual orientation
• Complexity: simple
• Duration: 1-5m
• QA Integration:
  • validation: optional
  • review: none
• Dependencies:
  • Agents: orchestrator
  • Commands: /orient, /context-restore, /cxq
• Steps:
  1. Git status check - orchestrator - Review recent commits and branch status
  2. Context query - orchestrator - Load recent 200 messages from memory system
  3. Task review - orchestrator - Display pending tasks from TASKLIST.md
  4. Environment check - orchestrator - Verify dependencies and services running
• Tags: [session, startup, context, orientation]

---

7. session-end

• Description: End development session with checkpoint creation and context preservation
• Trigger: /checkpoint "description"
• Complexity: simple
• Duration: 1-5m
• QA Integration:
  • validation: optional
  • review: none
• Dependencies:
  • Agents: orchestrator
  • Commands: /checkpoint, /context-save, /commit
• Steps:
  1. Work summary - orchestrator - Summarize session accomplishments
  2. Checkpoint creation - orchestrator - Create session checkpoint
  3. Context save - orchestrator - Save session to memory system
  4. Git commit - orchestrator - Commit work with conventional format
  5. TASKLIST update - orchestrator - Update completed tasks
• Tags: [session, checkpoint, preservation, commit]

---

8. quick-fix

• Description: Rapid bug fix workflow with minimal overhead
• Trigger: /debug or debugger agent
• Complexity: simple
• Duration: 5-15m
• QA Integration:
  • validation: recommended
  • review: recommended
• Dependencies:
  • Agents: debugger, testing-specialist
  • Commands: /debug, /run-tests
• Steps:
  1. Issue reproduction - debugger - Confirm bug and create minimal reproduction
  2. Root cause - debugger - Identify root cause with stack trace analysis
  3. Fix implementation - debugger - Apply targeted fix
  4. Test creation - testing-specialist - Add regression test
  5. Validation - component-qa-validator - Run affected tests
  6. Quick review - component-qa-reviewer - Review fix for side effects
• Tags: [bugfix, debugging, rapid, testing]

---

9. daily-standup

• Description: Generate daily progress summary for standup meetings
• Trigger: /cxq --today + manual summary
• Complexity: simple
• Duration: 1-5m
• QA Integration:
  • validation: none
  • review: none
• Dependencies:
  • Agents: orchestrator
  • Commands: /cxq
• Steps:
  1. Today's activity - orchestrator - Query memory system for today's work
  2. Commit review - orchestrator - Analyze git commits from last 24 hours
  3. TASKLIST delta - orchestrator - Identify completed tasks
  4. Blocker identification - orchestrator - Flag any blockers or issues
  5. Summary generation - orchestrator - Format as standup report
• Tags: [reporting, standup, summary, communication]

---

10. context-switch

• Description: Switch between projects or features with context preservation
• Trigger: /context-save then navigate to new work
• Complexity: simple
• Duration: 1-5m
• QA Integration:
  • validation: optional
  • review: none
• Dependencies:
  • Agents: orchestrator
  • Commands: /context-save, /context-restore, /create-worktree
• Steps:
  1. Save current context - orchestrator - Checkpoint current work state
  2. Branch management - orchestrator - Commit/stash current changes
  3. Context load - orchestrator - Load new work context from memory
  4. Environment switch - orchestrator - Switch git branch or worktree
  5. Orientation - orchestrator - Display new context summary
• Tags: [context, multitasking, workflow, efficiency]

---

3. Quality Assurance

11. test-driven-development

• Description: TDD cycle: write test, implement feature, refactor
• Trigger: /tdd-cycle
• Complexity: moderate
• Duration: 15-30m
• QA Integration:
  • validation: required
  • review: recommended
• Dependencies:
  • Agents: testing-specialist, component-qa-validator
  • Commands: /tdd-cycle, /run-tests
• Steps:
  1. Test writing - testing-specialist - Write failing test for new feature
  2. Red phase - component-qa-validator - Verify test fails as expected
  3. Implementation - orchestrator - Implement minimal code to pass test
  4. Green phase - component-qa-validator - Verify test passes
  5. Refactoring - senior-architect - Improve code quality
  6. Regression check - component-qa-validator - Verify all tests still pass
• Tags: [tdd, testing, development, quality]

---

12. code-quality-gate

• Description: Comprehensive code quality validation before merge/deploy
• Trigger: /full-review
• Complexity: moderate
• Duration: 15-30m
• QA Integration:
  • validation: required
  • review: required
• Dependencies:
  • Agents: code-reviewer, component-qa-validator, component-qa-reviewer
  • Commands: /full-review, /analyze
• Steps:
  1. Static analysis - component-qa-validator - Lint, type check, complexity analysis
  2. Test coverage - testing-specialist - Verify coverage meets threshold (80%+)
  3. Security scan - security-specialist - Check for vulnerabilities
  4. Code review - component-qa-reviewer - Manual review for quality and patterns
  5. Performance check - application-performance - Profile for regressions
  6. Documentation check - codi-documentation-writer - Verify docs updated
• Tags: [quality, validation, gates, review]

---

13. regression-testing

• Description: Full regression test suite execution with failure analysis
• Trigger: /run-tests
• Complexity: simple
• Duration: 5-15m
• QA Integration:
  • validation: required
  • review: optional
• Dependencies:
  • Agents: testing-specialist, component-qa-validator
  • Commands: /run-tests, /test-coverage
• Steps:
  1. Test execution - testing-specialist - Run full test suite
  2. Failure analysis - debugger - Analyze any test failures
  3. Coverage report - testing-specialist - Generate coverage metrics
  4. Result validation - component-qa-validator - Verify results meet gates
  5. Report generation - testing-specialist - Create test report artifact
• Tags: [testing, regression, validation, automation]

---

14. acceptance-testing

• Description: User acceptance testing workflow with stakeholder validation
• Trigger: Manual + e2e-testing agent
• Complexity: complex
• Duration: 30m+
• QA Integration:
  • validation: required
  • review: required
• Dependencies:
  • Agents: qa-automation, testing-specialist, component-qa-reviewer
  • Commands: /e2e-testing
• Steps:
  1. Acceptance criteria - orchestrator - Review requirements and success criteria
  2. Test scenario creation - qa-automation - Create E2E test scenarios
  3. Test execution - qa-automation - Execute E2E tests in staging environment
  4. Manual validation - component-qa-reviewer - Stakeholder walkthrough
  5. Issue documentation - orchestrator - Document any acceptance issues
  6. Sign-off - component-qa-reviewer - Formal acceptance approval
• Tags: [acceptance, e2e, validation, stakeholder]

---

15. quality-metrics-dashboard

• Description: Generate comprehensive quality metrics dashboard
• Trigger: Task invocation with qa-automation
• Complexity: simple
• Duration: 5-15m
• QA Integration:
  • validation: optional
  • review: none
• Dependencies:
  • Agents: qa-automation, testing-specialist
  • Commands: /test-coverage, /analyze
• Steps:
  1. Test metrics - testing-specialist - Collect test count, coverage, pass rate
  2. Code metrics - component-qa-validator - Collect complexity, duplication, violations
  3. Security metrics - security-specialist - Collect vulnerability counts
  4. Performance metrics - application-performance - Collect performance benchmarks
  5. Dashboard generation - orchestrator - Compile into visual dashboard
• Tags: [metrics, dashboard, quality, reporting]

---

4. DevOps

16. continuous-integration

• Description: Set up or update CI pipeline for automated testing and validation
• Trigger: Task invocation with cicd-automation agent
• Complexity: moderate
• Duration: 15-30m
• QA Integration:
  • validation: required
  • review: recommended
• Dependencies:
  • Agents: cicd-automation, devops-engineer
  • Commands: /ci-cd-pipeline
• Steps:
  1. Pipeline design - devops-engineer - Define CI stages and jobs
  2. Configuration creation - cicd-automation - Create GitHub Actions/GitLab CI config
  3. Test integration - testing-specialist - Integrate test suite into pipeline
  4. Quality gates - component-qa-validator - Add linting, coverage checks
  5. Validation - component-qa-validator - Test pipeline with sample PR
  6. Documentation - codi-documentation-writer - Document pipeline behavior
• Tags: [ci, automation, testing, pipeline]

---

17. continuous-deployment

• Description: Automated deployment pipeline to staging and production
• Trigger: Task invocation with cicd-automation agent
• Complexity: complex
• Duration: 30m+
• QA Integration:
  • validation: required
  • review: required
• Dependencies:
  • Agents: cicd-automation, devops-engineer, cloud-architect
  • Commands: /build-deploy-workflow
• Steps:
  1. Environment configuration - cloud-architect - Define staging/production configs
  2. Deployment strategy - devops-engineer - Define blue/green or rolling deployment
  3. Pipeline creation - cicd-automation - Create CD workflow
  4. Secret management - security-specialist - Configure secret injection
  5. Rollback mechanism - devops-engineer - Implement automatic rollback
  6. Monitoring - devops-engineer - Add deployment monitoring
  7. Validation - component-qa-validator - Test deployment to staging
• Tags: [cd, deployment, automation, production]

---

18. infrastructure-provisioning

• Description: Provision cloud infrastructure using IaC (Terraform, CloudFormation)
• Trigger: Task invocation with cloud-architect
• Complexity: complex
• Duration: 30m+
• QA Integration:
  • validation: required
  • review: required
• Dependencies:
  • Agents: cloud-architect, devops-engineer, security-specialist
  • Commands: /terraform-patterns
• Steps:
  1. Infrastructure design - cloud-architect - Design architecture diagram
  2. IaC creation - cloud-architect - Write Terraform/CloudFormation templates
  3. Security hardening - security-specialist - Apply security best practices
  4. State management - devops-engineer - Configure remote state backend
  5. Environment separation - cloud-architect - Create dev/staging/prod configs
  6. Validation - component-qa-validator - Validate templates and plan output
  7. Documentation - codi-documentation-writer - Document infrastructure setup
• Tags: [infrastructure, iac, terraform, cloud]

---

19. deployment-rollback

• Description: Rollback failed deployment to previous stable version
• Trigger: Manual invocation + devops-engineer
• Complexity: moderate
• Duration: 5-15m
• QA Integration:
  • validation: required
  • review: recommended
• Dependencies:
  • Agents: devops-engineer, orchestrator
  • Commands: /deployment-archeology
• Steps:
  1. Incident detection - devops-engineer - Confirm deployment failure and impact
  2. Previous version identification - devops-engineer - Find last stable deployment
  3. Rollback execution - devops-engineer - Execute rollback procedure
  4. Validation - component-qa-validator - Verify rollback successful
  5. Post-mortem - orchestrator - Document failure and rollback
• Tags: [rollback, incident, recovery, devops]

---

20. monitoring-setup

• Description: Set up application monitoring, logging, and alerting
• Trigger: /monitor-setup
• Complexity: complex
• Duration: 30m+
• QA Integration:
  • validation: required
  • review: recommended
• Dependencies:
  • Agents: devops-engineer, cloud-architect
  • Commands: /monitor-setup
• Steps:
  1. Monitoring design - cloud-architect - Choose monitoring stack (Prometheus, Datadog, etc.)
  2. Metrics instrumentation - devops-engineer - Add metrics to application code
  3. Logging setup - devops-engineer - Configure structured logging
  4. Dashboard creation - devops-engineer - Create monitoring dashboards
  5. Alert configuration - devops-engineer - Define alert rules and thresholds
  6. Validation - component-qa-validator - Test alerts and dashboards
• Tags: [monitoring, observability, logging, alerts]

---

5. Documentation

21. api-documentation-generation

• Description: Generate comprehensive API documentation from code
• Trigger: /doc-generate
• Complexity: moderate
• Duration: 15-30m
• QA Integration:
  • validation: recommended
  • review: recommended
• Dependencies:
  • Agents: codi-documentation-writer, backend-architect
  • Commands: /doc-generate, /api-documentation
• Steps:
  1. API scanning - codi-documentation-writer - Extract routes and handlers
  2. OpenAPI generation - backend-architect - Generate OpenAPI/Swagger spec
  3. Example creation - codi-documentation-writer - Add request/response examples
  4. Documentation site - codi-documentation-writer - Generate docs site (Redoc, Swagger UI)
  5. Validation - component-qa-validator - Verify docs match implementation
  6. Review - component-qa-reviewer - Review for clarity and completeness
• Tags: [documentation, api, openapi, swagger]

---

22. changelog-update

• Description: Update CHANGELOG.md with recent changes following Keep a Changelog format
• Trigger: /changelog-automation
• Complexity: simple
• Duration: 5-15m
• QA Integration:
  • validation: optional
  • review: optional
• Dependencies:
  • Agents: codi-documentation-writer
  • Commands: /changelog-automation
• Steps:
  1. Git log analysis - codi-documentation-writer - Parse commits since last release
  2. Change categorization - codi-documentation-writer - Group into Added/Changed/Fixed/etc.
  3. CHANGELOG update - codi-documentation-writer - Add new version section
  4. Version bumping - devops-engineer - Update package.json/version files
  5. Validation - component-qa-validator - Verify format follows Keep a Changelog
• Tags: [changelog, documentation, versioning, release]

---

23. readme-maintenance

• Description: Create or update project README with current information
• Trigger: Task invocation with codi-documentation-writer
• Complexity: simple
• Duration: 5-15m
• QA Integration:
  • validation: optional
  • review: recommended
• Dependencies:
  • Agents: codi-documentation-writer
  • Commands: /document
• Steps:
  1. Content audit - codi-documentation-writer - Review current README
  2. Structure update - codi-documentation-writer - Ensure standard sections present
  3. Installation instructions - codi-documentation-writer - Update setup steps
  4. Usage examples - codi-documentation-writer - Add/update code examples
  5. Badge updates - codi-documentation-writer - Update status badges
  6. Review - component-qa-reviewer - Verify accuracy and clarity
• Tags: [readme, documentation, onboarding]

---

24. architecture-documentation

• Description: Generate architecture documentation with C4 diagrams and ADRs
• Trigger: /c4-methodology-skill or /strategy
• Complexity: complex
• Duration: 30m+
• QA Integration:
  • validation: recommended
  • review: required
• Dependencies:
  • Agents: senior-architect, codi-documentation-writer
  • Commands: /c4-methodology-skill, /strategy
• Steps:
  1. Architecture analysis - senior-architect - Understand system architecture
  2. C4 diagram creation - senior-architect - Create Context, Container, Component diagrams
  3. ADR creation - senior-architect - Document key architecture decisions
  4. Documentation writing - codi-documentation-writer - Write architecture overview
  5. Diagram generation - senior-architect - Generate diagrams as code (Mermaid, PlantUML)
  6. Review - component-qa-reviewer - Architecture review for accuracy
• Tags: [architecture, c4, adr, diagrams]

---

25. documentation-audit

• Description: Comprehensive documentation quality audit with gap identification
• Trigger: /lint-docs
• Complexity: moderate
• Duration: 15-30m
• QA Integration:
  • validation: required
  • review: optional
• Dependencies:
  • Agents: codi-documentation-writer, component-qa-validator
  • Commands: /lint-docs
• Steps:
  1. Documentation inventory - codi-documentation-writer - List all documentation files
  2. Quality checks - component-qa-validator - Run markdownlint, link checker
  3. Coverage analysis - codi-documentation-writer - Identify undocumented features
  4. Accuracy verification - component-qa-validator - Verify docs match code
  5. Issue reporting - orchestrator - Generate audit report with issues
  6. Remediation plan - codi-documentation-writer - Prioritize documentation improvements
• Tags: [documentation, audit, quality, validation]

---

6. Collaboration

26. pull-request-creation

• Description: Create pull request with comprehensive description and change analysis
• Trigger: /describe-pr
• Complexity: simple
• Duration: 5-15m
• QA Integration:
  • validation: recommended
  • review: optional
• Dependencies:
  • Agents: orchestrator
  • Commands: /describe-pr, /commit
• Steps:
  1. Change analysis - orchestrator - Analyze git diff and commit history
  2. Description generation - orchestrator - Generate PR description from template
  3. Test plan - testing-specialist - Document test coverage
  4. PR creation - orchestrator - Create PR via GitHub CLI
  5. Reviewer assignment - orchestrator - Suggest reviewers based on changed files
• Tags: [pr, collaboration, git, review]

---

27. code-review-request

• Description: Request code review with AI pre-review for common issues
• Trigger: /ai-review
• Complexity: moderate
• Duration: 15-30m
• QA Integration:
  • validation: required
  • review: required
• Dependencies:
  • Agents: code-reviewer, component-qa-reviewer
  • Commands: /ai-review, /full-review
• Steps:
  1. Pre-review - code-reviewer - AI review for common issues
  2. Issue fixing - orchestrator - Fix automated issues before human review
  3. Review request - orchestrator - Tag human reviewers
  4. Review facilitation - component-qa-reviewer - Provide review checklist
  5. Feedback incorporation - orchestrator - Track review comments
• Tags: [review, collaboration, quality, pr]

---

28. code-review-response

• Description: Address code review feedback and update PR
• Trigger: Manual + orchestrator coordination
• Complexity: moderate
• Duration: 15-30m
• QA Integration:
  • validation: recommended
  • review: recommended
• Dependencies:
  • Agents: orchestrator, code-reviewer
  • Commands: /commit
• Steps:
  1. Feedback analysis - orchestrator - Parse review comments
  2. Change implementation - orchestrator - Apply requested changes
  3. Re-review flagging - orchestrator - Comment on addressed items
  4. Re-validation - component-qa-validator - Verify changes don't break tests
  5. Update notification - orchestrator - Notify reviewers of updates
• Tags: [review, collaboration, feedback, iteration]

---

29. handoff-creation

• Description: Create comprehensive handoff document for session continuity
• Trigger: /create-handoff
• Complexity: simple
• Duration: 5-15m
• QA Integration:
  • validation: optional
  • review: none
• Dependencies:
  • Agents: orchestrator
  • Commands: /create-handoff, /context-save
• Steps:
  1. Session summary - orchestrator - Summarize work completed
  2. Context capture - orchestrator - Save current state and decisions
  3. Next steps - orchestrator - Document pending work and blockers
  4. Handoff document - orchestrator - Generate structured handoff
  5. Context export - orchestrator - Save to memory system
• Tags: [handoff, collaboration, context, continuity]

---

30. handoff-resume

• Description: Resume work from handoff document with context restoration
• Trigger: /resume-handoff
• Complexity: simple
• Duration: 5-15m
• QA Integration:
  • validation: optional
  • review: none
• Dependencies:
  • Agents: orchestrator
  • Commands: /resume-handoff, /context-restore
• Steps:
  1. Handoff loading - orchestrator - Load handoff document
  2. Context restoration - orchestrator - Restore session state
  3. Work summary - orchestrator - Display previous work and next steps
  4. Environment verification - orchestrator - Verify dependencies and services
  5. Continuation - orchestrator - Resume work from documented state
• Tags: [handoff, collaboration, context, continuity]

---

7. Security

31. security-vulnerability-scan

• Description: Comprehensive security scan for vulnerabilities and misconfigurations
• Trigger: /security-scan
• Complexity: moderate
• Duration: 15-30m
• QA Integration:
  • validation: required
  • review: recommended
• Dependencies:
  • Agents: security-specialist, component-qa-validator
  • Commands: /security-scan, /security-sast
• Steps:
  1. SAST analysis - security-specialist - Static code analysis for vulnerabilities
  2. Dependency scan - security-specialist - Check dependencies for CVEs
  3. Secret detection - security-specialist - Scan for exposed secrets
  4. Configuration audit - security-specialist - Check security misconfigurations
  5. Report generation - security-specialist - Generate vulnerability report
  6. Validation - component-qa-validator - Verify scan completeness
• Tags: [security, scanning, vulnerabilities, audit]

---

32. security-fix-implementation

• Description: Fix identified security vulnerabilities with validation
• Trigger: Task invocation after security scan
• Complexity: moderate
• Duration: 15-30m
• QA Integration:
  • validation: required
  • review: required
• Dependencies:
  • Agents: security-specialist, component-qa-validator, component-qa-reviewer
  • Commands: /security-hardening
• Steps:
  1. Vulnerability analysis - security-specialist - Understand exploit and impact
  2. Fix implementation - security-specialist - Apply secure code patterns
  3. Test creation - testing-specialist - Add security test to prevent regression
  4. Validation - component-qa-validator - Verify vulnerability fixed
  5. Review - component-qa-reviewer - Security review of fix
  6. Documentation - security-specialist - Document fix in security advisory
• Tags: [security, vulnerability, fix, hardening]

---

33. secrets-management

• Description: Audit and secure secrets and credentials
• Trigger: /secrets-detection
• Complexity: moderate
• Duration: 15-30m
• QA Integration:
  • validation: required
  • review: recommended
• Dependencies:
  • Agents: security-specialist, devops-engineer
  • Commands: /secrets-detection
• Steps:
  1. Secret detection - security-specialist - Scan code and git history for secrets
  2. Secret rotation - security-specialist - Rotate any exposed secrets
  3. Secret manager setup - devops-engineer - Configure secret management system
  4. Code remediation - security-specialist - Replace hardcoded secrets with references
  5. Validation - component-qa-validator - Verify no secrets in code
  6. Documentation - security-specialist - Document secret management process
• Tags: [security, secrets, credentials, compliance]

---

34. compliance-audit

• Description: Security compliance audit against standards (OWASP, SOC2, etc.)
• Trigger: Task invocation with security-specialist
• Complexity: complex
• Duration: 30m+
• QA Integration:
  • validation: required
  • review: required
• Dependencies:
  • Agents: security-specialist, compliance-specialist, component-qa-reviewer
  • Commands: /security-audit
• Steps:
  1. Standard selection - compliance-specialist - Choose applicable standards
  2. Control mapping - compliance-specialist - Map code to compliance controls
  3. Gap analysis - security-specialist - Identify compliance gaps
  4. Evidence collection - compliance-specialist - Gather compliance evidence
  5. Report generation - compliance-specialist - Generate audit report
  6. Remediation plan - security-specialist - Plan gap remediation
  7. Review - component-qa-reviewer - Executive review of findings
• Tags: [security, compliance, audit, standards]

---

35. penetration-testing

• Description: Automated penetration testing and security validation
• Trigger: Task invocation with security-specialist
• Complexity: complex
• Duration: 30m+
• QA Integration:
  • validation: required
  • review: required
• Dependencies:
  • Agents: security-specialist, qa-automation
  • Commands: /security-scan
• Steps:
  1. Test planning - security-specialist - Define attack scenarios
  2. Automated testing - qa-automation - Run automated security tests (OWASP ZAP, etc.)
  3. Manual testing - security-specialist - Manual penetration testing
  4. Exploit documentation - security-specialist - Document successful exploits
  5. Fix implementation - security-specialist - Fix vulnerabilities
  6. Validation - component-qa-validator - Verify fixes prevent exploits
  7. Report - security-specialist - Generate penetration test report
• Tags: [security, penetration-testing, validation, exploitation]

---

8. Performance

36. performance-profiling

• Description: Profile application performance and identify bottlenecks
• Trigger: /perf-profile
• Complexity: moderate
• Duration: 15-30m
• QA Integration:
  • validation: recommended
  • review: optional
• Dependencies:
  • Agents: application-performance, component-qa-validator
  • Commands: /perf-profile
• Steps:
  1. Profiling setup - application-performance - Configure profiling tools
  2. Baseline capture - application-performance - Capture current performance metrics
  3. Profiling execution - application-performance - Run CPU, memory, I/O profiling
  4. Bottleneck identification - application-performance - Analyze flame graphs and traces
  5. Report generation - application-performance - Generate performance report
  6. Validation - component-qa-validator - Verify profiling data accuracy
• Tags: [performance, profiling, optimization, analysis]

---

37. load-testing

• Description: Execute load tests to validate performance under stress
• Trigger: /load-testing
• Complexity: complex
• Duration: 30m+
• QA Integration:
  • validation: required
  • review: recommended
• Dependencies:
  • Agents: application-performance, qa-automation
  • Commands: /load-testing
• Steps:
  1. Test scenario design - qa-automation - Define load test scenarios
  2. Tool configuration - application-performance - Configure k6, Artillery, or Locust
  3. Test execution - qa-automation - Execute load tests
  4. Metric collection - application-performance - Collect response times, throughput, errors
  5. Threshold validation - component-qa-validator - Verify SLO compliance
  6. Report generation - application-performance - Generate load test report
  7. Review - component-qa-reviewer - Review results and recommendations
• Tags: [performance, load-testing, stress, validation]

---

38. performance-optimization

• Description: Optimize application performance based on profiling results
• Trigger: /optimize
• Complexity: complex
• Duration: 30m+
• QA Integration:
  • validation: required
  • review: required
• Dependencies:
  • Agents: application-performance, senior-architect, component-qa-validator
  • Commands: /optimize, /optimization-patterns
• Steps:
  1. Optimization planning - application-performance - Prioritize optimizations by impact
  2. Implementation - senior-architect - Apply optimization patterns
  3. Benchmarking - application-performance - Measure before/after performance
  4. Validation - component-qa-validator - Verify optimizations don't break functionality
  5. Review - component-qa-reviewer - Review optimization quality
  6. Documentation - codi-documentation-writer - Document optimizations and results
• Tags: [performance, optimization, improvement, benchmarking]

---

39. database-optimization

• Description: Optimize database queries and schema for performance
• Trigger: Task invocation with database-architect
• Complexity: complex
• Duration: 30m+
• QA Integration:
  • validation: required
  • review: required
• Dependencies:
  • Agents: database-architect, application-performance, component-qa-validator
  • Commands: /query-optimization, /db-performance-analyzer
• Steps:
  1. Query analysis - database-architect - Analyze slow queries with EXPLAIN
  2. Index optimization - database-architect - Design optimal indexes
  3. Schema optimization - database-architect - Normalize/denormalize as needed
  4. Query rewriting - database-architect - Optimize query structure
  5. Benchmarking - application-performance - Measure query performance improvement
  6. Validation - component-qa-validator - Verify data integrity maintained
  7. Review - component-qa-reviewer - Review optimization strategy
• Tags: [performance, database, optimization, queries]

---

40. caching-strategy

• Description: Implement caching strategy for performance improvement
• Trigger: Task invocation with senior-architect
• Complexity: complex
• Duration: 30m+
• QA Integration:
  • validation: required
  • review: required
• Dependencies:
  • Agents: senior-architect, application-performance, component-qa-validator
  • Commands: /optimization-patterns
• Steps:
  1. Cache analysis - senior-architect - Identify cacheable data and access patterns
  2. Strategy design - senior-architect - Choose caching layers (Redis, CDN, browser)
  3. Implementation - senior-architect - Implement caching with invalidation logic
  4. Cache warming - devops-engineer - Implement cache warming strategy
  5. Benchmarking - application-performance - Measure cache hit rates and performance
  6. Validation - component-qa-validator - Verify cache invalidation works correctly
  7. Review - component-qa-reviewer - Review caching strategy
• Tags: [performance, caching, optimization, architecture]

---

9. Memory Context

41. context-export

• Description: Export session context for preservation and sharing
• Trigger: /cx or /cxs
• Complexity: simple
• Duration: 1-5m
• QA Integration:
  • validation: optional
  • review: none
• Dependencies:
  • Agents: orchestrator
  • Commands: /cx, /cxs, /cxq
• Steps:
  1. Session export - orchestrator - Export current session
  2. Deduplication - orchestrator - Remove duplicate messages
  3. Context compilation - orchestrator - Compile into unified format
  4. Archive storage - orchestrator - Store in context-storage/
  5. SQLite indexing - orchestrator - Index for fast queries
• Tags: [context, export, preservation, memory]

---

42. context-import

• Description: Import and restore context from previous session
• Trigger: /context-restore
• Complexity: simple
• Duration: 1-5m
• QA Integration:
  • validation: optional
  • review: none
• Dependencies:
  • Agents: orchestrator
  • Commands: /context-restore
• Steps:
  1. Context selection - orchestrator - Choose context file to restore
  2. Loading - orchestrator - Load context into memory system
  3. Validation - orchestrator - Verify context integrity
  4. Summary - orchestrator - Display restored context summary
  5. Orientation - orchestrator - Orient user to restored state
• Tags: [context, import, restoration, memory]

---

43. knowledge-search

• Description: Search knowledge base for decisions, patterns, and solutions
• Trigger: /cxq --recall "topic"
• Complexity: simple
• Duration: 1-5m
• QA Integration:
  • validation: none
  • review: none
• Dependencies:
  • Agents: orchestrator
  • Commands: /cxq
• Steps:
  1. Query formulation - orchestrator - Parse search query
  2. Search execution - orchestrator - Search memory system
  3. Result ranking - orchestrator - Rank by relevance
  4. Context extraction - orchestrator - Extract relevant context
  5. Display - orchestrator - Present results with links
• Tags: [knowledge, search, memory, recall]

---

44. decision-log

• Description: Log and track important project decisions
• Trigger: /cxq --decisions or manual logging
• Complexity: simple
• Duration: 1-5m
• QA Integration:
  • validation: optional
  • review: none
• Dependencies:
  • Agents: orchestrator
  • Commands: /cxq, /cx
• Steps:
  1. Decision capture - orchestrator - Record decision with context
  2. Rationale documentation - orchestrator - Document reasoning
  3. Memory storage - orchestrator - Save to memory system
  4. Tagging - orchestrator - Tag with relevant labels
  5. Indexing - orchestrator - Index for future retrieval
• Tags: [decisions, logging, memory, tracking]

---

45. session-analysis

• Description: Analyze large JSONL session files with intelligent chunking
• Trigger: /process-jsonl-sessions
• Complexity: moderate
• Duration: 15-30m
• QA Integration:
  • validation: optional
  • review: none
• Dependencies:
  • Agents: orchestrator
  • Commands: /process-jsonl-sessions
• Steps:
  1. File discovery - orchestrator - Find JSONL session files
  2. Size analysis - orchestrator - Analyze file sizes and complexity
  3. Chunking strategy - orchestrator - Determine optimal chunking
  4. Processing - orchestrator - Process with smart boundary splitting
  5. Deduplication - orchestrator - Remove duplicate messages
  6. Archive - orchestrator - Store processed sessions
• Tags: [sessions, analysis, jsonl, processing]

---

10. Innovation

46. rapid-prototype

• Description: Quickly build proof-of-concept to validate idea
• Trigger: /prototype
• Complexity: moderate
• Duration: 15-30m
• QA Integration:
  • validation: optional
  • review: optional
• Dependencies:
  • Agents: orchestrator, senior-architect
  • Commands: /prototype
• Steps:
  1. Idea clarification - orchestrator - Define MVP scope
  2. Technology selection - senior-architect - Choose rapid prototyping stack
  3. Rapid implementation - orchestrator - Build core functionality
  4. Demo creation - orchestrator - Create working demo
  5. Validation - orchestrator - Test core hypothesis
  6. Documentation - codi-documentation-writer - Document learnings
• Tags: [prototype, innovation, mvp, rapid]

---

47. spike-investigation

• Description: Technical spike to investigate unknown or risky approach
• Trigger: /research
• Complexity: moderate
• Duration: 15-30m
• QA Integration:
  • validation: optional
  • review: recommended
• Dependencies:
  • Agents: research-agent, senior-architect
  • Commands: /research
• Steps:
  1. Spike definition - orchestrator - Define investigation goals and time box
  2. Research - research-agent - Research technology or approach
  3. Experimentation - senior-architect - Build throwaway code to test
  4. Findings documentation - orchestrator - Document findings and recommendations
  5. Decision - orchestrator - Make go/no-go decision
  6. Review - component-qa-reviewer - Review findings and recommendation
• Tags: [spike, research, investigation, experimentation]

---

48. proof-of-concept

• Description: Full proof-of-concept with validation against success criteria
• Trigger: Task invocation with orchestrator
• Complexity: complex
• Duration: 30m+
• QA Integration:
  • validation: recommended
  • review: required
• Dependencies:
  • Agents: orchestrator, senior-architect, component-qa-reviewer
  • Commands: /prototype, /validate-plan
• Steps:
  1. Success criteria - orchestrator - Define measurable success criteria
  2. POC planning - senior-architect - Design POC architecture
  3. Implementation - orchestrator - Build POC with minimal features
  4. Validation testing - component-qa-validator - Test against success criteria
  5. Stakeholder demo - orchestrator - Present to stakeholders
  6. Review - component-qa-reviewer - Evaluate POC results
  7. Decision - orchestrator - Decide on production implementation
• Tags: [poc, validation, innovation, stakeholder]

---

49. technology-evaluation

• Description: Evaluate new technology or framework for adoption
• Trigger: /research + /strategy
• Complexity: complex
• Duration: 30m+
• QA Integration:
  • validation: recommended
  • review: required
• Dependencies:
  • Agents: research-agent, senior-architect, component-qa-reviewer
  • Commands: /research, /strategy
• Steps:
  1. Requirements analysis - orchestrator - Define evaluation criteria
  2. Technology research - research-agent - Research options and compare
  3. Spike implementation - senior-architect - Build small spike with each option
  4. Evaluation - senior-architect - Score against criteria
  5. ADR creation - senior-architect - Document decision
  6. Review - component-qa-reviewer - Review recommendation
  7. Approval - orchestrator - Get stakeholder approval
• Tags: [evaluation, technology, research, decision]

---

50. experiment-tracking

• Description: Track experiments with hypotheses, results, and learnings
• Trigger: Manual tracking + orchestrator
• Complexity: simple
• Duration: 5-15m
• QA Integration:
  • validation: optional
  • review: optional
• Dependencies:
  • Agents: orchestrator, codi-documentation-writer
  • Commands: /cx
• Steps:
  1. Hypothesis definition - orchestrator - Define testable hypothesis
  2. Experiment design - orchestrator - Design experiment methodology
  3. Execution tracking - orchestrator - Track experiment progress
  4. Result documentation - codi-documentation-writer - Document results
  5. Learning extraction - orchestrator - Extract key learnings
  6. Knowledge storage - orchestrator - Store in memory system
• Tags: [experiments, tracking, learning, innovation]

---

Workflow Usage Guidelines

Selecting the Right Workflow

1. Identify your goal - What are you trying to accomplish?
2. Find the category - Which of the 10 categories fits best?
3. Choose the workflow - Select the most specific workflow for your task
4. Customize - Adapt the workflow to your specific needs

Chaining Workflows

Many tasks require multiple workflows in sequence:

Example: New Feature Development

1. project-lifecycle/project-configure - Configure feature flags
2. collaboration/code-review-request - Get design review
3. quality-assurance/test-driven-development - Implement with TDD
4. quality-assurance/code-quality-gate - Validate quality
5. collaboration/pull-request-creation - Create PR
6. devops/continuous-integration - Ensure CI passes
7. documentation/changelog-update - Update changelog

QA Integration Patterns

Validation Requirements:

• Required - Workflow cannot proceed without validation pass
• Recommended - Validation should be performed but can be skipped with justification
• Optional - Validation available but not necessary for workflow completion

Review Requirements:

• Required - Manual review gate before completion
• Recommended - Review improves quality but not blocking
• Optional - Review available if desired
• None - No review needed for this workflow

---

Extending This Catalog

Adding New Workflows

1. Identify gap - Find common task not covered
2. Define workflow - Use the template structure
3. Integrate QA - Determine validation and review requirements
4. Test workflow - Execute and refine
5. Document - Add to appropriate category

Workflow Template

### N. workflow-name

- **Description:** [50-200 chars]
- **Trigger:** /command or manual
- **Complexity:** simple | moderate | complex
- **Duration:** 1-5m | 5-15m | 15-30m | 30m+
- **QA Integration:**
  - validation: required/recommended/optional/none
  - review: required/recommended/optional/none
- **Dependencies:**
  - Agents: [list]
  - Commands: [list]
- **Steps:**
  1. [Step] - [component] - [purpose]
  ...
- **Tags:** [tag1, tag2, tag3]

---

Appendix: Component Reference

Key Agents Used

• orchestrator - Multi-agent coordination and workflow management
• component-qa-validator - Automated quality validation
• component-qa-reviewer - Manual quality review and approval
• senior-architect - Architecture and design decisions
• testing-specialist - Testing strategy and implementation
• security-specialist - Security analysis and hardening
• devops-engineer - CI/CD and infrastructure
• codi-documentation-writer - Documentation generation

Key Commands

• /new-project - Project creation
• /run-tests - Test execution
• /checkpoint - Session checkpointing
• /context-save - Context preservation
• /context-restore - Context restoration
• /security-scan - Security scanning
• /perf-profile - Performance profiling
• /full-review - Comprehensive code review

See COMPONENT-REFERENCE.md for complete inventory.

---

Last Updated: December 12, 2025 Framework: CODITECT v1.7.2 Maintainer: CODITECT Framework Team