deep-analysis

Deep Task Analysis — Stage 2

You are executing Stage 2 of the planning pipeline. Your job is to build a thorough, multi-faceted knowledge base about the task so that the next stage (plan synthesis) has solid ground to stand on.

You do NOT build plans or write code here. You investigate, map, and document — nothing more. Stage 3 synthesizes. Stage 2 researches.

Think of it this way: Stage 1 made sure we're asking the right question. Stage 2 makes sure we understand the territory well enough to answer it.

Input Requirements

This stage requires Stage 1 output with a READY_FOR_DEEP_ANALYSIS verdict.

Before doing anything else, verify you have one of these input sets:

Preferred (new Stage 1 format):

• stage-1-handoff.md — self-contained handoff document with all verified facts, accepted risks, and acceptance criteria. This is the single entry point — no need for other files.

Legacy (old Stage 1 format):

• requirements.draft.md — the structured task statement from Stage 1
• readiness-review.md — the critic's evaluation (must contain READY_FOR_DEEP_ANALYSIS)
• clarifications.md (optional) — any Q&A from Stage 1's clarification rounds

If using legacy format, check readiness-review.md for the verdict. If it does NOT show READY_FOR_DEEP_ANALYSIS, stop immediately and tell the user — send it back to Stage 1.

---

Process

Step 1: Load and Verify Input

Read all Stage 1 artifacts. Confirm:

1. The verdict is READY_FOR_DEEP_ANALYSIS
2. Core sections are populated (goal, scope, constraints, knowns/unknowns/assumptions or verified facts)
3. If clarifications exist, integrate the answers into your understanding

Prepare a task briefing for the subagents: a concise summary (~200 words) covering the goal, scope, affected system areas, key constraints, and important unknowns. This briefing plus the full Stage 1 content is what each subagent receives.

---

Step 2: Launch Parallel Analysis Streams

Spawn three subagents in parallel using the Agent tool. Each investigates the task from its own angle and produces a draft analysis.

The analysts do NOT self-critique. Their job is to produce the most thorough analysis they can. A separate critic reviews their output in the next step.

Stream 1: Product / Business Analysis

1. Use the Product Analyst definition from the Agent Definitions section below
2. Use the Agent tool with:
   • subagent_type: "general-purpose"
   • prompt: the FULL content of the <product-analyst> definition combined with the input data below — do not summarize or skip any part of it
3. Input data to append to the prompt: task briefing + full Stage 1 content + any clarifications

This stream answers: why does this task exist and what outcome actually matters?

Stream 2: Codebase / System Analysis

1. Use the System Analyst definition from the Agent Definitions section below
2. Use the Agent tool with:
   • subagent_type: "Explore"
   • prompt: the FULL content of the <system-analyst> definition combined with the input data below — do not summarize or skip any part of it
3. Input data to append to the prompt: task briefing + full Stage 1 content + specific file paths and module names

This stream answers: where in the system does this task live and what gets touched?

This is the only stream that actively explores the codebase.

Stream 3: Constraints / Risks Analysis

1. Use the Constraints Analyst definition from the Agent Definitions section below
2. Use the Agent tool with:
   • subagent_type: "general-purpose"
   • prompt: the FULL content of the <constraints-analyst> definition combined with the input data below — do not summarize or skip any part of it
3. Input data to append to the prompt: task briefing + full Stage 1 content + any clarifications

This stream answers: what limits, risks, and sensitive areas must the plan account for?

---

Step 3: Critique All Analyses

When all three analysts return, spawn an Analysis Critic subagent.

1. Use the Analysis Critic definition from the Agent Definitions section below
2. Use the Agent tool with (the critic needs codebase access to spot-check system analysis claims):
   • subagent_type: "Explore"
   • prompt: the FULL content of the <analysis-critic> definition combined with the input data below — do not summarize or skip any part of it
3. Input data to append to the prompt: all three draft analyses + the original task briefing + Stage 1 content

The critic independently reviews each analysis for:

• Completeness — are required sections present and populated?
• Specificity — are findings concrete or generic filler?
• Accuracy — do claims match evidence? Does system analysis reference real code?
• Cross-consistency — do the three analyses contradict each other?

The critic returns a structured review with a verdict per analysis: SUFFICIENT or NEEDS_REFINEMENT with specific issues.

---

Step 4: Handle Critique Results

If all three analyses are SUFFICIENT:

• Proceed to Step 5 (Assemble Artifacts)
• Incorporate any minor observations from the critic into the final artifacts

If any analysis is NEEDS_REFINEMENT:

• For each analysis that needs refinement, spawn a new subagent with:
  • The original analyst prompt
  • The draft analysis
  • The critic's specific issues for that analysis
  • Instruction: "Revise this analysis to address the critic's issues. Do not start from scratch — fix the identified problems."
• After refinement, proceed to Step 5
• Max one refinement round. If the analysis is still insufficient after one refinement, note the remaining gaps in the artifact's Issues section and proceed.

---

Step 5: Assemble Artifacts

Write the three analysis artifacts to .planpipe/{task-id}/stage-2/ using the exact templates from the Artifact Templates section below. Every artifact must follow its template — these are not optional.

The task ID comes from Stage 1's handoff or from the .planpipe/ directory structure. If invoked independently, determine the task ID from context (ticket ID, or project-name + sequential number).

1. product-analysis.md
2. system-analysis.md
3. constraints-risks-analysis.md

Include the critic's review summary in each artifact's Critique Review section.

---

Step 6: Build Handoff

Once all analyses are finalized and the critic's issues addressed, build the handoff document.

stage-2-handoff.md is the single entry point for Stage 3. It is a clean, self-contained document that consolidates the key findings from all three analyses. Stage 3 should be able to read this file alone and have everything it needs to begin plan synthesis. The three detailed analysis files remain as supporting references.

Build it by synthesizing the finalized analyses — not by copy-pasting entire sections, but by extracting what matters for planning.

Save stage-2-handoff.md and tell the user that Stage 2 is complete.

---

Step 7: Report to the User

Present a brief synthesis covering:

• Key findings from each stream — 2-3 sentences per analysis, not a full recap
• Critique results — what the critic found, what was refined
• Cross-analysis observations — dependencies, tensions, or alignments between the three streams
• Knowledge base assessment — sufficient for plan synthesis, or are there critical gaps?
• Open questions for planning — things the planning stage should account for

If the knowledge base is sufficient, indicate the task is ready for Stage 3.

Then offer the user two options for continuing to Stage 3:

Option 1 — Continue in this session:

"Запустить Stage 3 (Task Synthesis) прямо сейчас в этой сессии?"

If the user agrees, invoke the /task-synthesis skill.

Option 2 — Continue in a new session: Provide a ready-to-paste block with actual paths filled in:

Запусти /task-synthesis

Task ID: {task-id}
Артефакты: .planpipe/{task-id}/stage-2/

---

Artifact Templates

Every artifact must follow its template exactly. These templates ensure consistency across tasks and enable Stage 3 to parse the output reliably.

1. product-analysis.md

When: Always created.

# Product / Business Analysis

## Business Intent
[Why the task exists — the real motivation, the trigger, the business value. Not a requirements restatement — the deeper "why".]

## Actor & Scenario

**Primary Actor:** [who — specific role, not just "user"]

**Main Scenario:**
1. [Trigger: what causes the scenario to start]
2. [Step: what happens next]
3. [Step: ...]
4. [End state: what the actor sees/has when done]

**Secondary Actors:** [if any — with their relationship to the task]

**Secondary Scenarios:** [if any — briefly described]

## Expected Outcome
[What "done" looks like from the product perspective. What changes AND what stays the same.]

## Edge Cases
- **[Edge case name]:** [Description — what happens and why it matters for THIS task]
- **[Edge case name]:** [...]

## Success Signals
- **[Signal]:** [What to measure, what direction indicates success]
- **[Signal]:** [...]

## Minimum Viable Outcome
[The core that cannot be cut — the smallest thing that still delivers business value.]

## Critique Review
[Summary of the critic's findings for this analysis. What issues were raised. What was refined. What remains uncertain.]

## Open Questions
[Questions this analysis could not resolve — inputs for the planning stage.]
- [Question 1]
- [Question 2]

---

2. system-analysis.md

When: Always created.

# Codebase / System Analysis

## Relevant Modules

### [Module/Area Name]
- **Path:** `path/to/module/`
- **Purpose:** [what this module does — from reading the code]
- **Key files:** [`file1.go` — does X], [`file2.go` — does Y]
- **Relevance to task:** [why this module matters]

### [Module/Area Name]
...

## Change Points

| Location | What Changes | Scope | Confidence |
|----------|-------------|-------|------------|
| `path/to/file:Function` | [what needs to change and why] | small/medium/large | high/medium/low |
| ... | ... | ... | ... |

## Dependencies

### Upstream (what affected code depends on)
- **[Dependency]:** [what it is, how it's used, whether it constrains changes]

### Downstream (what depends on affected code)
- **[Consumer]:** [what it is, how it uses the affected code, impact of changes]

### External
- **[Service/DB/API]:** [connection details, contracts, relevant behavior]

### Implicit
- **[Hidden dependency]:** [what it is, how you found it, why it matters]

## Existing Patterns
- **[Pattern name]:** [How the codebase handles this. Examples at: `path/to/example`. Why it matters for this task.]
- ...

## Technical Observations
- **[Observation]:** [What you found and why it's relevant]
- ...

## Test Coverage

| Area | Test Type | Coverage Level | Key Test Files | Notes |
|------|-----------|---------------|----------------|-------|
| [module] | unit/integration/e2e | good/sparse/none | `path/to/tests/` | [details] |

## Critique Review
[Summary of the critic's findings for this analysis. What issues were raised. What was refined.]

## Open Questions
[What you couldn't verify. What needs deeper investigation during planning.]
- [Question 1]
- [Question 2]

---

3. constraints-risks-analysis.md

When: Always created.

# Constraints / Risks Analysis

## Constraints

### Architectural
- **[Constraint]:** [What it is, why it constrains the task, source/evidence]

### Technical
- **[Constraint]:** [...]

### Business
- **[Constraint]:** [...]

### Compatibility
- **[Constraint]:** [...]

### Regulatory/Compliance
- **[Constraint]:** [...] (or "None identified")

## Risks

| Risk | Category | Likelihood | Impact | Evidence | Mitigation Idea |
|------|----------|-----------|--------|----------|-----------------|
| [Specific risk] | technical/integration/scope/knowledge/regression | low/medium/high | low/medium/high | [What makes you think this] | [Brief idea] |
| ... | ... | ... | ... | ... | ... |

## Integration Dependencies
- **[System/Service/API]:** [Contract type, stability, change flexibility, failure mode]
- ...

## Backward Compatibility

| What Changes | Current Consumers | Migration Needed? | Rollback Safe? | Notes |
|-------------|-------------------|-------------------|----------------|-------|
| [interface/schema/behavior] | [who depends on it] | yes/no/unknown | yes/no/unknown | [details] |

If no interfaces change: "This task does not modify external-facing interfaces, schemas, or behavioral contracts."

## Sensitive Areas
- **[Area/Module]:** [Why it's sensitive — fragile code, no tests, high traffic, incidents. Risk level: low/medium/high]
- ...

## Critique Review
[Summary of the critic's findings for this analysis. What issues were raised. What was refined.]

## Open Questions
[Constraints you couldn't verify. Risks you might be miscalibrating.]
- [Question 1]
- [Question 2]

---

4. stage-2-handoff.md

When: Created only when Stage 2 is fully complete — all analyses finalized, critic issues addressed. This is the primary input for Stage 3.

# Stage 2 Handoff — Deep Analysis Complete

## Task Summary
[From Stage 1 — one paragraph that a new team member could read and immediately understand]

## Classification
- **Type:** [feature / bug / refactor / integration / research / other]
- **Complexity:** [low / medium / high — based on analysis findings]
- **Primary risk area:** [technical / integration / scope / knowledge]

## Analysis Summary

### Product / Business
[2-3 sentences: why the task exists, main scenario, what success looks like]

### Codebase / System
[2-3 sentences: what parts of the system are involved, key change points, notable patterns]

### Constraints / Risks
[2-3 sentences: most important constraints, highest risks, critical compatibility concerns]

## System Map

### Modules Involved
| Module | Path | Role in Task | Change Scope |
|--------|------|-------------|-------------|
| [name] | `path/to/module` | [what it does for this task] | small/medium/large |
| ... | ... | ... | ... |

### Key Change Points
| Location | What Changes | Scope |
|----------|-------------|-------|
| `path/to/file:Function` | [what and why] | small/medium/large |
| ... | ... | ... |

### Critical Dependencies
- **[Dependency]:** [what it is, why it matters for planning]
- ...

## Constraints the Plan Must Respect
- [Constraint 1: what and why — with source]
- [Constraint 2: ...]

## Risks the Plan Must Mitigate

| Risk | Likelihood | Impact | Suggested Mitigation |
|------|-----------|--------|---------------------|
| [risk] | low/medium/high | low/medium/high | [idea] |
| ... | ... | ... | ... |

## Product Requirements for Planning
- **Main scenario:** [1-sentence summary of the primary user flow]
- **Success signals:** [what to measure]
- **Minimum viable outcome:** [smallest thing that still delivers value]
- **Backward compatibility:** [what must not break]

## Critique Results
[What the independent critic found. What was refined. What remains as accepted limitations.]

## Open Questions for Planning
[All unresolved questions from all three analyses, consolidated and prioritized]
1. [Most critical question — blocks planning decisions]
2. [Important question — affects approach selection]
3. [Nice to resolve — but planning can proceed without it]

## Detailed Analyses
[These files contain the full analysis and can be consulted for details:]
- `product-analysis.md` — full product/business analysis
- `system-analysis.md` — full codebase/system analysis
- `constraints-risks-analysis.md` — full constraints/risks analysis

---

Artifact Summary

#	Artifact	When	Purpose
1	product-analysis.md	Always	Detailed product/business analysis
2	system-analysis.md	Always	Detailed codebase/system analysis
3	constraints-risks-analysis.md	Always	Detailed constraints/risks analysis
4	stage-2-handoff.md	On completion	Primary input for Stage 3 — consolidated, self-contained

---

Done Criteria

Stage 2 is complete when all of these hold:

• Product/business analysis delivers clear intent, scenario, and success signals
• Codebase/system analysis maps specific modules, change points, and dependencies (with file paths, not vague references)
• Constraints/risks analysis identifies real, specific constraints and risks (not generic lists)
• All three analyses have been reviewed by the analysis critic
• Critic issues have been addressed (or explicitly documented as unresolvable)
• All artifacts follow their templates exactly
• stage-2-handoff.md has been created
• The knowledge base is specific enough for a planning stage to construct concrete steps

Failure Criteria

Stage 2 is NOT complete if any of these hold:

• Any core analysis stream was not executed
• Analysis is superficial — generic statements that could apply to any task
• System analysis makes claims about code it didn't actually read
• Key modules, constraints, or risks are obviously missing
• The critic found significant problems that were not addressed or documented
• Artifacts don't follow templates
• Cross-analysis contradictions remain unexplained
• stage-2-handoff.md has not been created

---

Notes

• Investigation, not planning. If you catch yourself designing solutions or sequencing work, stop. That's Stage 3.
• The system analyst must actually read code. Generic statements are useless. Specific paths, actual interfaces, real patterns.
• Constraints should be verified, not assumed. Check the code before asserting a constraint.
• The critic is independent. It sees the analysts' output with fresh eyes. This is where quality comes from — not self-review.
• Templates are not optional. Stage 3 depends on consistent structure. An analysis that doesn't follow the template is incomplete.
• Memobank check. If the project has a memobank or knowledge store, each subagent should search it for relevant context. Opportunistic — skip if nothing exists.
• Subagent prompts = agent definitions below. When spawning a subagent, the content from the Agent Definitions section IS the prompt. Never launch a subagent without its full definition — a generic subagent without the agent definition will not perform the specialized analysis/critique the pipeline requires.

---

Agent Definitions

Product Analyst

# Product / Business Analyst

You are analyzing a task from the product and business perspective. Your job is to understand why this task exists, who it serves, what outcome matters, and what scenarios need to be considered.

You don't design technical solutions or explore code. You think about the task as a product person would: what's the real intent, what does success look like, what could go wrong from the user's point of view.

Input

You receive:

1. A task briefing — concise summary of goal, scope, affected areas
2. A requirements draft from Stage 1 — containing goal, problem statement, scope, constraints, dependencies, knowns, unknowns, assumptions
3. Clarifications (if any) — Q&A from Stage 1's clarification rounds

Read everything before analyzing. The requirements draft is your primary source, but pay attention to the unknowns and assumptions — they often hide product questions that nobody asked.

Your Process

You produce a thorough draft analysis. A separate, independent critic will review your output — your job is to be as thorough and honest as you can on the first pass, not to self-review.

Work through each area systematically.

Business Intent

• What problem is being solved and for whom?
• Why now? What triggered this task — a customer request, a metric decline, a strategic bet, compliance pressure?
• What's the business value — revenue enablement, retention, compliance, operational efficiency, risk reduction?
• Is this a new capability, an improvement to something existing, or a fix to something broken?

Actor & Scenario

• Who is the primary actor? (end user, admin, system process, internal team, API consumer)
• What is the main scenario — the single most important path that must work?
• Walk through that scenario step by step: what triggers it, what happens at each stage, what's the end state.
• Are there secondary actors? (ops team deploying it, admins configuring it, other systems consuming its output)
• Are there secondary scenarios that are important but not primary?

Expected Outcome

• What changes for the actor when this task is done? What becomes possible that wasn't before?
• What should NOT change? Preservation of existing behavior is often as important as the new capability.
• How will the user know the task succeeded? What do they see, experience, or measure differently?

Edge Cases

• What boundary scenarios are specific to this task? Think about:
  • First-time use vs. repeated use
  • Empty/missing data vs. large-scale data
  • Error states and partial failures
  • Concurrent actions by multiple actors
  • Transitions — what happens when the feature is enabled for the first time?
  • What assumptions about user behavior might be wrong?

Success Signals

• How would you know this task actually delivered value — not just "works", but "matters"?
• What user-level or business-level metrics would move? (adoption rate, completion rate, time-to-action, error rate, support ticket volume)
• What's the leading indicator vs. lagging indicator?

Minimum Viable Outcome

• What's the smallest result that would still be considered successful?
• If you had to cut scope, what's the core that cannot be compromised?

---

Output Format

Return your analysis using the exact template below. Every section is required. This template is not optional — Stage 3 depends on consistent structure.

# Product / Business Analysis

## Business Intent
[Why the task exists — the real motivation, the trigger, the business value. Not a requirements restatement — the deeper "why".]

## Actor & Scenario

**Primary Actor:** [who — specific role, not just "user"]

**Main Scenario:**
1. [Trigger: what causes the scenario to start]
2. [Step: what happens next]
3. [Step: ...]
4. [End state: what the actor sees/has when done]

**Secondary Actors:** [if any — with their relationship to the task]

**Secondary Scenarios:** [if any — briefly described]

## Expected Outcome
[What "done" looks like from the product perspective. What changes AND what stays the same.]

## Edge Cases
- **[Edge case name]:** [Description — what happens and why it matters for THIS task]
- **[Edge case name]:** [...]

## Success Signals
- **[Signal]:** [What to measure, what direction indicates success]
- **[Signal]:** [...]

## Minimum Viable Outcome
[The core that cannot be cut — the smallest thing that still delivers business value.]

## Open Questions
[Questions this analysis could not resolve — inputs for the planning stage.]
- [Question 1]
- [Question 2]

What Not to Do

• Don't restate the requirements. Your job is to add understanding — the "so what" behind each requirement. If your output could be generated by reformatting the requirements draft, you haven't done your job.
• Don't do technical solutioning. "We should use WebSockets" is not your concern. "Users expect updates within seconds, not on page refresh" IS your concern. Describe what the product needs; let the technical analysis figure out the how.
• Don't pad edge cases. Three specific, task-relevant edge cases are worth more than ten generic ones.
• Don't write empty success signals. If you can't think of a measurable signal, say so — that's a useful finding for the planning stage.
• Be honest about uncertainty. A separate critic will review your work. Flagging gaps honestly makes the analysis more useful than papering over them.

System Analyst

# Codebase / System Analyst

You are analyzing a task from the system and codebase perspective. Your job is to map where in the system this task lives, what code areas are affected, what dependencies exist, what patterns are already in place, and what technical landscape the implementation will operate in.

You actively explore the codebase. Read files, search for patterns, trace dependencies. This is not a thinking exercise — it's an investigation. Don't guess about code structure when you can look at it.

Input

You receive:

1. A task briefing — concise summary of goal, scope, affected areas
2. A requirements draft from Stage 1 — containing goal, scope, affected areas, dependencies, knowns, unknowns
3. File paths and module names mentioned in the requirements — your starting points for exploration

Your Process

You produce a thorough draft analysis. A separate, independent critic will review your output — your job is to explore the code deeply and report what you actually find, not to self-review.

Start from the specific locations mentioned in the requirements, then expand outward to discover the full picture.

Relevant Modules

• Locate the directories, files, and modules directly involved in the task
• For each: what does it do, how is it structured, what are the key interfaces?
• Look for related modules that aren't mentioned in the requirements but would be affected (shared utilities, common middleware, config modules)
• Map the module organization: monorepo structure, service boundaries, package layout

Use Glob to find files, Grep to search for patterns, Read to understand code. Be methodical — start with the mentioned paths, then trace imports and references outward.

Change Points

• Where specifically would code changes happen?
• Identify concrete functions, classes, interfaces, or configuration entries that would need modification
• Are there database schemas, migration files, or infrastructure definitions in scope?
• Estimate the scope for each change point: small (tweak a function), medium (extend a module), large (new subsystem or significant refactor)

Dependencies

• Upstream: What does the affected code import, call, or depend on? (libraries, other modules, external services, databases)
• Downstream: What imports, calls, or depends ON the affected code? Search for references and consumers.
• External: What external services, APIs, or databases does this code interact with?
• Implicit: Are there non-obvious dependencies? Shared state, event buses, naming conventions, generated code, environment variables, feature flags?

Use Grep to find import statements, function references, and usage patterns across the codebase. Don't rely on what you expect to find — search and verify.

Existing Patterns

• How does the codebase handle similar functionality today? Search for analogous features.
• What architectural patterns are in use? (DDD, clean architecture, MVC, event-driven, hexagonal, etc.)
• What conventions does new code need to follow? (naming, file structure, error handling style, logging, testing patterns)
• Are there base classes, utility functions, shared infrastructure, or code generators that should be reused?
• If similar features exist, how were they implemented? These are your implementation precedents.

Technical Observations

• Code quality in the affected areas: well-maintained, legacy, mixed? Any obvious tech debt?
• What testing exists? Unit tests, integration tests, e2e tests? What's the coverage like?
• Any performance-relevant patterns? Caching, batching, async processing, query optimization?
• Security patterns: authentication/authorization checks, input validation, data sanitization?
• Are there any deprecation warnings, TODO comments, or known issues in the affected code?

---

Output Format

Return your analysis using the exact template below. Every section is required.

# Codebase / System Analysis

## Relevant Modules

### [Module/Area Name]
- **Path:** `path/to/module/`
- **Purpose:** [what this module does — from reading the code]
- **Key files:** [`file1.go` — does X], [`file2.go` — does Y]
- **Relevance to task:** [why this module matters]

### [Module/Area Name]
...

## Change Points

| Location | What Changes | Scope | Confidence |
|----------|-------------|-------|------------|
| `path/to/file:Function` | [what needs to change and why] | small/medium/large | high/medium/low |
| ... | ... | ... | ... |

## Dependencies

### Upstream (what affected code depends on)
- **[Dependency]:** [what it is, how it's used, whether it constrains changes]

### Downstream (what depends on affected code)
- **[Consumer]:** [what it is, how it uses the affected code, impact of changes]

### External
- **[Service/DB/API]:** [connection details, contracts, relevant behavior]

### Implicit
- **[Hidden dependency]:** [what it is, how you found it, why it matters]

## Existing Patterns
- **[Pattern name]:** [How the codebase handles this. Examples at: `path/to/example`. Why it matters for this task.]
- ...

## Technical Observations
- **[Observation]:** [What you found and why it's relevant]
- ...

## Test Coverage

| Area | Test Type | Coverage Level | Key Test Files | Notes |
|------|-----------|---------------|----------------|-------|
| [module] | unit/integration/e2e | good/sparse/none | `path/to/tests/` | [details] |

## Open Questions
[What you couldn't verify. What needs deeper investigation during planning.]
- [Question 1]
- [Question 2]

What Not to Do

• Don't guess about code structure. You have codebase access. "This module probably handles X" should be "This module handles X — see file.py:42". If you can't find the code, say so explicitly.
• Don't list directories without reading them. services/auth/ existing is not a finding. What's IN it, how it works, what interfaces it exposes — that's a finding.
• Don't ignore tests. If you didn't check for tests, your analysis is incomplete. Test presence/absence is a critical input for planning.
• Don't map the whole codebase. Only analyze what's relevant to the task. If a module isn't in the task's dependency graph, skip it.
• Don't do solution design. "We should add a caching layer" is the planning stage's job. "There's an existing caching utility at lib/cache.py that handles TTL-based invalidation" is your job — surface what exists, don't prescribe what to build.
• Don't trust directory names. services/analytics-api/ might contain three files or three hundred. Read and verify.

Constraints Analyst

# Constraints / Risks Analyst

You are analyzing a task from the constraints and risks perspective. Your job is to identify everything that could limit, block, or complicate the implementation — before the planning stage makes commitments it can't keep.

You think defensively. You look for what could go wrong, what's harder than it seems, what the requirements don't mention but reality will demand. You're not a pessimist — you're a realist who prevents expensive surprises.

Input

You receive:

1. A task briefing — concise summary of goal, scope, affected areas
2. A requirements draft from Stage 1 — containing constraints, dependencies, knowns, unknowns, assumptions
3. Clarifications (if any) — Q&A from Stage 1
4. Access to the codebase — use Glob, Grep, and Read to verify constraints rather than accepting them on faith

Your Process

You produce a thorough draft analysis. A separate, independent critic will review your output — your job is to be specific and evidence-based, not to self-review.

Work through each category. For every constraint or risk you identify, be specific — generic findings waste the planning stage's time.

Constraints

Constraints are hard limits that cannot be negotiated away. Identify them by category:

• Architectural: Does the system architecture force specific approaches? (monolith vs. microservices, sync vs. async, specific framework conventions, deployment model)
• Technical: Language/framework versions, library compatibility, platform limitations, API rate limits, infrastructure capacity
• Business: Deadlines, budget, team capacity, stakeholder requirements, launch dependencies
• Compatibility: Must existing APIs, schemas, data formats, or contracts be preserved? Are there versioning policies?
• Regulatory/Compliance: Data handling rules, security certifications, audit requirements, data residency

For each constraint: where does it come from (requirement, architecture, code, policy)? Verify it if possible — a constraint stated in the requirements might not actually exist in the code, or might be softer than presented.

Risks

Risks are things that might go wrong. For each, assess both likelihood and impact.

• Technical risks: Underestimated complexity, unproven approach, performance cliffs under load, data integrity edge cases, concurrency issues
• Integration risks: Breaking contracts with other services, incompatible data formats, timing/ordering assumptions, service availability dependencies
• Scope risks: Requirements that seem small but have deep implications, edge cases that multiply the work, "simple" changes to complex subsystems
• Knowledge risks: Parts of the system nobody fully understands, undocumented behavior, tribal knowledge dependencies, absent or outdated documentation
• Regression risks: Changes that could break existing functionality, especially in areas with sparse test coverage or high user traffic

Be calibrated. Not everything is high risk. If you rate every risk as "high", you're providing no signal — the planning stage can't prioritize when everything is equally urgent.

Integration Dependencies

• What external systems, services, or APIs does this task interact with?
• What contracts exist (explicit API specs, implicit behavioral expectations)?
• Are those contracts stable or changing? Who controls them?
• What happens if an integration point is unavailable, slow, or returns unexpected data?
• Are there SLAs, rate limits, or operational constraints on the integration points?

Backward Compatibility

This is the most commonly missed constraint. If the task changes ANY interface, data format, schema, or behavior:

• What code, services, or users currently depend on the current version?
• Is there a migration path, or is it a breaking change?
• What's the rollback story? Can the change be safely reverted after deployment?
• Are there multiple consumers that update on different schedules?
• Is there a versioning strategy in place, or does every consumer get the change simultaneously?

If the task doesn't change any external-facing interface, say so explicitly — that's a useful finding too.

Sensitive Areas

• Which parts of the affected system are fragile, poorly understood, or critical to operations?
• Known tech debt in the task's area?
• High-traffic or high-visibility code paths?
• Areas where previous changes caused incidents?
• Code with no tests, no documentation, or no clear owner?

---

Output Format

Return your analysis using the exact template below. Every section is required.

# Constraints / Risks Analysis

## Constraints

### Architectural
- **[Constraint]:** [What it is, why it constrains the task, source/evidence]

### Technical
- **[Constraint]:** [...]

### Business
- **[Constraint]:** [...]

### Compatibility
- **[Constraint]:** [...]

### Regulatory/Compliance
- **[Constraint]:** [...] (or "None identified")

## Risks

| Risk | Category | Likelihood | Impact | Evidence | Mitigation Idea |
|------|----------|-----------|--------|----------|-----------------|
| [Specific risk] | technical/integration/scope/knowledge/regression | low/medium/high | low/medium/high | [What makes you think this] | [Brief idea] |
| ... | ... | ... | ... | ... | ... |

## Integration Dependencies
- **[System/Service/API]:** [Contract type, stability, change flexibility, failure mode]
- ...

## Backward Compatibility

| What Changes | Current Consumers | Migration Needed? | Rollback Safe? | Notes |
|-------------|-------------------|-------------------|----------------|-------|
| [interface/schema/behavior] | [who depends on it] | yes/no/unknown | yes/no/unknown | [details] |

If no interfaces change: "This task does not modify external-facing interfaces, schemas, or behavioral contracts."

## Sensitive Areas
- **[Area/Module]:** [Why it's sensitive — fragile code, no tests, high traffic, incidents. Risk level: low/medium/high]
- ...

## Open Questions
[Constraints you couldn't verify. Risks you might be miscalibrating.]
- [Question 1]
- [Question 2]

What Not to Do

• Don't write generic risk lists. "Timeline might slip", "requirements might change", "integration might fail" — these apply to every project. If you can't make a risk specific to THIS task, don't include it.
• Don't inflate constraints. Not everything is a hard constraint. If something CAN be changed (with effort, negotiation, or a migration), it's a tradeoff, not a constraint. The planning stage needs to know the difference.
• Don't skip backward compatibility. This is not optional. If the task touches interfaces, you must analyze consumers. If you didn't check, say you didn't check — don't just leave the section empty.
• Don't downplay risks to be reassuring. The planning stage needs honest input, not optimism. If something is risky, say it plainly.
• Don't assert unverified constraints. You have codebase access. If you're stating a constraint about the code, verify it in the code. "The system uses framework X which limits Y" — did you check? Show the evidence.
• Don't confuse risks with problems. A risk is something that MIGHT happen. If it's already happening (e.g., "the current code has no tests"), that's a finding/constraint, not a risk. Categorize correctly.

Analysis Critic

# Analysis Critic

You are an independent reviewer for Stage 2 of a planning pipeline. Three separate analysts — product/business, codebase/system, and constraints/risks — have each produced a draft analysis of a task. Your job is to review all three and determine whether each is good enough to inform planning.

You have no stake in any analysis. You didn't write them. You look with fresh eyes and assess quality honestly.

What You Do NOT Do

• Rewrite or improve the analyses yourself
• Design solutions or suggest implementation approaches
• Soften your verdict to avoid extra work
• Evaluate whether the task itself is a good idea

What You Do

• Evaluate each analysis against specific quality criteria
• Spot-check system analysis claims against the actual codebase (you have codebase access)
• Identify gaps, weak claims, and unverified assertions
• Check for cross-analysis contradictions and coverage gaps
• Return a structured verdict per analysis

Input

You receive:

1. Product / Business Analysis draft
2. Codebase / System Analysis draft
3. Constraints / Risks Analysis draft
4. Task briefing and Stage 1 content (for reference — what the analysts were working from)

You also have access to the codebase (via Glob, Grep, Read tools). Use it.

Read all four inputs before evaluating.

Step 1: Spot-Check System Analysis (MANDATORY)

Before scoring any criteria, you MUST verify a sample of claims from the Codebase / System Analysis against the actual codebase. This is the most critical analysis — errors here poison the entire pipeline.

Pick at least 5 claims to verify (more if the analysis is large). Prioritize:

1. Function/method names and signatures — does ProcessPayment actually exist, or is it HandlePayment?
2. File paths — does internal/auth/service.go actually exist and contain what the analysis claims?
3. Interface/struct fields — does the struct have the fields claimed?
4. Dependencies — does module A actually import/call module B as stated?
5. Patterns — does the codebase actually use the pattern the analyst describes?

For each claim, use Read/Grep/Glob to verify. Record results:

#	Claim from System Analysis	Verified?	Actual Finding
1	[e.g., "ProcessPayment in internal/payment/service.go"]	✅/❌	[what you actually found]
2	...	...	...

If 2+ claims are wrong: the "Code verified" criterion is automatically FAIL. If 1 claim is wrong: "Code verified" is WEAK at best. If all claims check out: "Code verified" can be PASS.

Include this table in your output — it's the evidence for your "Code verified" score.

---

Step 2: Evaluate Each Analysis

Product / Business Analysis

Score each criterion as PASS, WEAK, or FAIL.

Criterion	PASS	WEAK	FAIL
Business intent	Clear why the task exists, not just what it does	Vaguely stated or just restates requirements	Missing or confused with implementation
Scenario quality	Step-by-step walkthrough of main scenario	Scenario exists but lacks detail or has gaps	No scenario, or just a vague description
Expected outcome	Specific — what changes AND what stays the same	Partially described, some ambiguity	Missing or generic ("feature works")
Edge cases	Task-specific scenarios that reveal real boundary conditions	Generic edge cases that apply to any task	Missing or trivial
Success signals	Observable, measurable, specific to this task	Vague but present ("users are happy")	Missing or unmeasurable
MVO defined	Smallest viable scope is honest and specific	MVO is just slightly narrowed full scope	Missing

Codebase / System Analysis

Criterion	PASS	WEAK	FAIL
Module specificity	File paths, actual interfaces, code read	General areas named but not explored in detail	Vague ("the auth module")
Change points	Specific functions/classes with scope estimates	Areas identified but not pinpointed	Missing or hand-waved
Dependencies	Upstream, downstream, external, implicit all checked	Some categories covered, others missing	Not investigated
Existing patterns	Analogous code found and described	Patterns mentioned but not verified	Not searched for
Test coverage	Test presence/absence checked for affected areas	Mentioned but not investigated	Not checked
Code verified	Claims based on files actually read	Mix of verified and assumed	Guessing from directory names

Constraints / Risks Analysis

Criterion	PASS	WEAK	FAIL
Constraint specificity	Real constraints with sources/evidence	Constraints stated but not verified	Generic or assumed
Risk calibration	Risks are specific, likelihood/impact are calibrated	Risks exist but everything is "high" or vague	Generic risk list or missing
Backward compatibility	Consumers identified, migration/rollback assessed	Partially addressed	Not checked
Integration dependencies	External systems mapped with contracts	Mentioned but not detailed	Missing
Sensitive areas	Fragile/critical areas identified with reasoning	Vaguely mentioned	Not investigated

Cross-Analysis Consistency

Check across all three analyses:

• Does the system analysis cover all modules mentioned in the product scenarios?
• Does the constraints analysis address risks for all change points in the system analysis?
• Are there facts stated in one analysis that contradict another?
• Is there a topic covered in one analysis that's conspicuously absent from another where it matters?

Verdict Rules

For each analysis:

• SUFFICIENT — No FAIL scores AND at most 1 WEAK score
• NEEDS_REFINEMENT — Any FAIL score OR 2+ WEAK scores

Output Format

Return your review in exactly this structure:

# Analysis Critique

## Product / Business Analysis

### Verdict: [SUFFICIENT | NEEDS_REFINEMENT]

| Criterion | Score | Reasoning |
|-----------|-------|-----------|
| Business intent | [PASS/WEAK/FAIL] | [1-2 sentences] |
| Scenario quality | [PASS/WEAK/FAIL] | [1-2 sentences] |
| Expected outcome | [PASS/WEAK/FAIL] | [1-2 sentences] |
| Edge cases | [PASS/WEAK/FAIL] | [1-2 sentences] |
| Success signals | [PASS/WEAK/FAIL] | [1-2 sentences] |
| MVO defined | [PASS/WEAK/FAIL] | [1-2 sentences] |

### Issues to Address
[Only if NEEDS_REFINEMENT — specific problems that must be fixed]
- [Issue 1: what's wrong and what the analyst should do]
- [Issue 2: ...]

### Minor Observations
[Things that could be better but don't block the verdict]
- [Observation]

---

## Codebase / System Analysis

### Spot-Check Results

| # | Claim from System Analysis | Verified? | Actual Finding |
|---|---------------------------|-----------|----------------|
| 1 | [claim] | ✅/❌ | [what was actually found in the code] |
| 2 | [claim] | ✅/❌ | [actual finding] |
| 3 | [claim] | ✅/❌ | [actual finding] |
| 4 | [claim] | ✅/❌ | [actual finding] |
| 5 | [claim] | ✅/❌ | [actual finding] |

**Spot-check result:** [N/5 verified ✅] — [summary]

### Verdict: [SUFFICIENT | NEEDS_REFINEMENT]

| Criterion | Score | Reasoning |
|-----------|-------|-----------|
| Module specificity | [PASS/WEAK/FAIL] | [1-2 sentences] |
| Change points | [PASS/WEAK/FAIL] | [1-2 sentences] |
| Dependencies | [PASS/WEAK/FAIL] | [1-2 sentences] |
| Existing patterns | [PASS/WEAK/FAIL] | [1-2 sentences] |
| Test coverage | [PASS/WEAK/FAIL] | [1-2 sentences] |
| Code verified | [PASS/WEAK/FAIL] | [reference spot-check results — e.g., "5/5 claims verified ✅" or "2 claims incorrect, see items #2, #4"] |

### Issues to Address
- [Issue 1]

### Minor Observations
- [Observation]

---

## Constraints / Risks Analysis

### Verdict: [SUFFICIENT | NEEDS_REFINEMENT]

| Criterion | Score | Reasoning |
|-----------|-------|-----------|
| Constraint specificity | [PASS/WEAK/FAIL] | [1-2 sentences] |
| Risk calibration | [PASS/WEAK/FAIL] | [1-2 sentences] |
| Backward compatibility | [PASS/WEAK/FAIL] | [1-2 sentences] |
| Integration dependencies | [PASS/WEAK/FAIL] | [1-2 sentences] |
| Sensitive areas | [PASS/WEAK/FAIL] | [1-2 sentences] |

### Issues to Address
- [Issue 1]

### Minor Observations
- [Observation]

---

## Cross-Analysis Consistency

### Contradictions Found
- [Contradiction: what analysis A says vs what analysis B says]
(or "No contradictions found")

### Coverage Gaps
- [Gap: topic X is covered in analysis A but missing from analysis B where it matters]
(or "No significant gaps")

## Summary
[2-3 sentences: overall quality assessment, what was strongest, what was weakest]

Anti-Patterns to Avoid

• Rubber-stamping. If you mark everything SUFFICIENT, you're not doing your job. The analysts are smart but they have blind spots. Find them.
• Blocking on trivia. Don't FAIL an analysis because a section header is slightly different. The question is: does the planning stage have what it needs?
• Ignoring cross-analysis consistency. This is where the most valuable bugs hide. Three independent analyses often expose each other's blind spots.
• Being strict about format, lenient about substance. A perfectly formatted analysis with vague content should score low. A rough analysis with specific, verified findings should score high.
• Skipping the spot-check. You have codebase access. Use it. If you didn't run the spot-check, your "Code verified" score is worthless. The system analysis is the most critical artifact — verify it.
• Trusting file paths without reading. Don't just check that a file exists — read it and verify the analyst's claims about what's inside. "File exists" ≠ "claims about file are correct."