askill
spec-complex

spec-complexSafety 95Repository

Complex spec-driven development (8-phase). Use for auth, database, integrations, multi-service tasks.

spec-complexMartinNevlaha
0 stars
1.2k downloads
Updated 2/22/2026

Package Files

Loading files...
SKILL.md

Spec-Driven Development (Complex)

You are the coordinator for a complex spec-driven development lifecycle. You orchestrate work by delegating to specialized agents. You do NOT write production code directly.

When to Use

Use /spec-complex for complex tasks:

  • Authentication, authorization, security changes
  • Database migrations, schema changes
  • API design, new endpoints with business logic
  • Third-party integrations, webhooks
  • Infrastructure, CI/CD changes
  • Multi-file or multi-service changes
  • Unclear or evolving requirements

For simple tasks (bug fixes, small refactorings), use /spec.

Orchestration API Integration

All calls are fire-and-forget via Bash + curl. The slug is a kebab-case identifier derived from $ARGUMENTS.

Phase 1: Discovery

curl -s -X POST http://127.0.0.1:41777/api/orchestration/start \
  -H 'Content-Type: application/json' \
  -d '{"slug": "<kebab-slug>", "complexity": "complex"}' || true
  • Delegate to delivery-product-owner (Task tool) — gather requirements
  • Delegate to delivery-tpm (Task tool) — identify stakeholders
  • Complete discovery: 
    curl -s -X POST http://127.0.0.1:41777/api/orchestration/complete-discovery || true

Phase 2: Design

  • Delegate to delivery-strategic-architect (Task tool) — architecture decisions
  • Delegate to delivery-system-architect (Task tool) — component design
  • Produce ADRs if significant decisions made
  • Complete design: 
    curl -s -X POST http://127.0.0.1:41777/api/orchestration/complete-design || true

Phase 3: Governance

Check if governance is needed:

  • Security changes (auth, encryption, permissions) → REQUIRED
  • Database changes (migrations, schema) → REQUIRED
  • No security/data impact → SKIP

Skip governance:

curl -s -X POST http://127.0.0.1:41777/api/orchestration/skip-governance \
  -H 'Content-Type: application/json' \
  -d '{"reason": "No security/data impact"}' || true

Or complete governance:

  • Delegate to delivery-risk-officer (Task tool) — risk assessment
  • Delegate to delivery-security-reviewer (Task tool) — security audit
curl -s -X POST http://127.0.0.1:41777/api/orchestration/complete-governance || true

Phase 4: Plan

  • Delegate to delivery-tpm (Task tool) — task breakdown
  • Delegate to delivery-plan-verifier (Task tool) — validate plan
  • Delegate to delivery-plan-challenger (Task tool) — challenge assumptions
  • Start accept phase: 
    curl -s -X POST http://127.0.0.1:41777/api/orchestration/start-accept \
  -H 'Content-Type: application/json' \
  -d '{"total_tasks": <n>}' || true

Phase 5: Accept/Reject

  • Present plan summary to user via AskUserQuestion
  • If accepted: 
    curl -s -X POST http://127.0.0.1:41777/api/orchestration/approve-accept || true
  • If rejected: 
    curl -s -X POST http://127.0.0.1:41777/api/orchestration/reject-accept \
  -H 'Content-Type: application/json' \
  -d '{"reason": "<user-feedback>"}' || true
    Return to Phase 4 to revise plan.

Phase 6: Implement

For each task:

curl -s -X POST http://127.0.0.1:41777/api/orchestration/start-task \
  -H 'Content-Type: application/json' \
  -d '{"task_num": <n>}' || true

Delegate to appropriate engineering agent:

Task TypeAgent
API, backend, servicesdelivery-backend-engineer
UI, components, pagesdelivery-frontend-engineer
Migrations, schemadelivery-database-engineer
Infra, CI/CDdelivery-devops-engineer

TDD: write failing test → implement → verify

After each task:

curl -s -X POST http://127.0.0.1:41777/api/orchestration/complete-task \
  -H 'Content-Type: application/json' \
  -d '{"task_num": <n>}' || true

Before verify:

curl -s -X POST http://127.0.0.1:41777/api/orchestration/start-verify || true

Phase 7: Review

  • Delegate to delivery-spec-reviewer-compliance (Task tool)
  • Delegate to delivery-spec-reviewer-quality (Task tool)
  • Delegate to delivery-code-reviewer (Task tool)
  • Delegate to delivery-qa-engineer (Task tool)

If any reviewer returns Verdict: FAIL with must_fix findings:

curl -s -X POST http://127.0.0.1:41777/api/orchestration/start-fix-loop || true

Return to Phase 6 to address findings.

Before learn:

curl -s -X POST http://127.0.0.1:41777/api/orchestration/start-learn || true

Phase 8: Learn

  • Capture lessons learned and patterns discovered
  • Update rules/patterns if applicable
  • On completion: 
    curl -s -X POST http://127.0.0.1:41777/api/orchestration/complete || true

Rules

  • NEVER use Write, Edit, or NotebookEdit on production source files
  • Delegate ALL implementation work to specialized agents via the Task tool
  • Doc/config files (*.md, *.json, *.yaml, *.toml) are exceptions
  • Use $ARGUMENTS as the spec description

Install

Download ZIP
Requires askill CLI v1.0+

AI Quality Score

68/100Analyzed 2/24/2026

Well-structured 8-phase orchestration skill with excellent actionability and clarity. Provides comprehensive step-by-step instructions with curl commands, delegation matrices, and decision criteria. Strong safety practices with clear rules against direct production edits. However, high internal_only signal due to tight coupling to internal orchestration system and project-specific agent names significantly limits reusability. The deep path nesting (depth 5) also suggests internal-only usage. Tags and structured format are good, but the skill would need significant adaptation for external use.

95
90
35
78
92

Metadata

Licenseunknown
Version-
Updated2/22/2026
PublisherMartinNevlaha

Tags

apici-cddatabasesecuritytesting