iven/zclaw_openfang
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
main
zclaw_openfang/skills/.playbooks/phase-4-hardening.md
iven d64903ba21 feat(skills): complete multi-agent collaboration framework 
## Skills Ecosystem (60+ Skills)
- Engineering: 7 skills (ai-engineer, backend-architect, etc.)
- Testing: 8 skills (reality-checker, evidence-collector, etc.)
- Support: 6 skills (support-responder, analytics-reporter, etc.)
- Design: 7 skills (ux-architect, brand-guardian, etc.)
- Product: 3 skills (sprint-prioritizer, trend-researcher, etc.)
- Marketing: 4+ skills (growth-hacker, content-creator, etc.)
- PM: 5 skills (studio-producer, project-shepherd, etc.)
- Spatial: 6 skills (visionos-spatial-engineer, etc.)
- Specialized: 6 skills (agents-orchestrator, etc.)

## Collaboration Framework
- Coordination protocols (handoff-templates, agent-activation)
- 7-phase playbooks (Discovery → Operate)
- Standardized skill template for consistency

## Quality Improvements
- Each skill now includes: Identity, Mission, Workflow, Deliverable Format
- Collaboration triggers define when to invoke other agents
- Success metrics provide measurable quality standards

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-15 03:07:31 +08:00

181 lines
3.8 KiB
Markdown
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# Phase 4: Hardening Playbook
> 强化阶段 - 性能优化、安全加固、生产准备
---
## 阶段目标
将系统从功能完整提升到生产就绪,包括性能优化、安全加固、监控配置。
## 输入文档
从 Phase 3 接收:
1. 完整代码库
2. 测试报告
3. 已知问题列表
4. 技术债务记录
5. 部署检查清单
## 激活 Agents
| Agent | 角色 | 优先级 |
|-------|------|--------|
| **Performance Benchmarker** | 性能测试和优化 | 立即 |
| **Security Engineer** | 安全审查和加固 | 立即 |
| **DevOps Automator** | 监控和告警配置 | 立即 |
| **Accessibility Auditor** | 无障碍最终检查 | Day 2 |
| **Reality Checker** | 生产就绪验证 | 最后 |
## 关键活动
### 1. 性能优化 (Day 1-3)
**Performance Benchmarker 执行**:
```bash
# Core Web Vitals 测试
npx lighthouse http://localhost:3000 --output=json --output-path=./reports/lighthouse.json
# API 响应时间测试
ab -n 1000 -c 100 http://localhost:3000/api/endpoint
# 数据库查询分析
EXPLAIN ANALYZE SELECT * FROM users WHERE ...
# 内存泄漏检测
node --inspect server.js
# 打开 Chrome DevTools > Memory > Heap Snapshot
```
**优化目标**:
| 指标 | 目标值 |
|------|--------|
| LCP (Largest Contentful Paint) | < 2.5s |
| FID (First Input Delay) | < 100ms |
| CLS (Cumulative Layout Shift) | < 0.1 |
| API P95 响应时间 | < 200ms |
| 数据库查询 P95 | < 50ms |
### 2. 安全加固 (Day 1-3)
**Security Engineer 执行**:
```bash
# 依赖漏洞扫描
npm audit
pip-audit
# SAST 扫描
sonarqube-scanner
# OWASP ZAP 扫描
zap-baseline.py -t http://localhost:3000
# 密钥泄露检查
git secrets --scan-history
```
**安全检查清单**:
- [ ] 所有 API 端点有认证
- [ ] 输入验证完整
- [ ] SQL 注入防护
- [ ] XSS 防护
- [ ] CSRF Token 实现
- [ ] Rate Limiting 配置
- [ ] 敏感数据加密
- [ ] 安全头配置 (CSP, HSTS, etc.)
### 3. 监控配置 (Day 2-4)
**DevOps Automator 执行**:
**指标收集**:
- 应用指标 (请求率错误率延迟)
- 基础设施指标 (CPU内存磁盘)
- 业务指标 (用户活跃转化率)
**告警配置**:
| 告警 | 条件 | 严重程度 |
|------|------|----------|
| 服务不可用 | 健康检查失败 | Critical |
| 高错误率 | 错误 > 1% | High |
| 高延迟 | P95 > 500ms | High |
| 内存使用 | > 85% | Medium |
### 4. 无障碍最终检查 (Day 3-4)
**Accessibility Auditor 执行**:
```bash
# 自动化测试
npx axe http://localhost:3000
# 手动测试清单
- [ ] 键盘导航完整
- [ ] 屏幕阅读器兼容
- [ ] 颜色对比度 ≥ 4.5:1
- [ ] 焦点指示清晰
- [ ] 表单标签完整
- [ ] Alt 文本存在
```
### 5. 生产就绪验证 (Day 4-5)
**Reality Checker 最终验证**:
```markdown
## Production Readiness Checklist
### 功能完整性
- [ ] 所有 P0 功能实现
- [ ] 所有 P1 功能实现
- [ ] P2 功能已评估
### 性能
- [ ] Core Web Vitals 达标
- [ ] API 响应时间达标
- [ ] 负载测试通过
### 安全
- [ ] 无 Critical 漏洞
- [ ] 无 High 漏洞
- [ ] 安全审查通过
### 可靠性
- [ ] 监控配置完成
- [ ] 告警配置完成
- [ ] 回滚流程测试
### 文档
- [ ] API 文档完整
- [ ] 部署文档完整
- [ ] 运维手册完整
```
## 阶段门禁
进入 Phase 5 前必须满足:
| # | 标准 | 阈值 | 验证方法 |
|---|------|------|----------|
| 1 | 性能基准达标 | 100% | Lighthouse + Load Test |
| 2 | 安全漏洞 | 0 Critical/High | 扫描报告 |
| 3 | 监控覆盖 | 100% | 配置审查 |
| 4 | 无障碍合规 | WCAG 2.1 AA | 审计报告 |
| 5 | Reality Checker 签署 | READY | 最终报告 |
## 交接文档
阶段结束时交接给 Phase 5
1. 性能基准报告
2. 安全审计报告
3. 监控配置文档
4. 无障碍合规报告
5. 生产就绪清单
---
**预计时间**: 1 周
**下一阶段**: Phase 5 - Launch
Reference in New Issue View Git Blame Copy Permalink