DHC
/
bmad-template
Observar 4
Favorito 0
Fork 0
Código Issues 0 Pull requests 0 Versões 0 Wiki Atividade
Você não pode selecionar mais de 25 tópicos Os tópicos devem começar com uma letra ou um número, podem incluir traços ('-') e podem ter até 35 caracteres.
2 Commits
2 Branches
Branch: master
Branches Tags
${ item.name }
Criar branch ${ searchTerm }
de master
${ noResults }
bmad-template/.codebuddy/skills/bmad-testarch-nfr/steps-c/step-04e-aggregate-nfr.md

step-04e-aggregate-nfr.md 6.8KB
Link permanente Visão normal Histórico Original

chore(repo): 初始化 BMAD 成品模板
6 dias atrás
 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264 
  1. ---

  2. name: 'step-04e-aggregate-nfr'

  3. description: 'Aggregate NFR domain evidence audits into executive summary'

  4. nextStepFile: '{skill-root}/steps-c/step-05-generate-report.md'

  5. outputFile: '{test_artifacts}/nfr-assessment.md'

  6. ---

  7. 

  8. # Step 4E: Aggregate NFR Evidence Audit Results

  9. 

  10. ## STEP GOAL

  11. 

  12. Read outputs from 4 parallel NFR evidence audit subagents, calculate overall risk level, aggregate compliance status, and identify cross-domain risks.

  13. 

  14. ---

  15. 

  16. ## MANDATORY EXECUTION RULES

  17. 

  18. - 📖 Read the entire step file before acting

  19. - ✅ Speak in `{communication_language}`

  20. - ✅ Read all 4 subagent outputs

  21. - ✅ Calculate overall risk level

  22. - ❌ Do NOT re-assess NFRs (use subagent outputs)

  23. 

  24. ---

  25. 

  26. ## MANDATORY SEQUENCE

  27. 

  28. ### 1. Read All Subagent Outputs

  29. 

  30. ```javascript

  31. const domains = ['security', 'performance', 'reliability', 'scalability'];

  32. const assessments = {};

  33. 

  34. domains.forEach((domain) => {

  35.   const outputPath = `/tmp/tea-nfr-${domain}-{{timestamp}}.json`;

  36.   assessments[domain] = JSON.parse(fs.readFileSync(outputPath, 'utf8'));

  37. });

  38. ```

  39. 

  40. ---

  41. 

  42. ### 2. Calculate Overall Risk Level

  43. 

  44. **Risk hierarchy:** HIGH > MEDIUM > LOW > NONE

  45. 

  46. ```javascript

  47. const riskLevels = { HIGH: 3, MEDIUM: 2, LOW: 1, NONE: 0 };

  48. const domainRisks = domains.map((d) => assessments[d].risk_level);

  49. const maxRiskValue = Math.max(...domainRisks.map((r) => riskLevels[r]));

  50. const overallRisk = Object.keys(riskLevels).find((k) => riskLevels[k] === maxRiskValue);

  51. ```

  52. 

  53. **Risk assessment:**

  54. 

  55. - If ANY domain is HIGH → overall is HIGH

  56. - If ANY domain is MEDIUM (and none HIGH) → overall is MEDIUM

  57. - If ALL domains are LOW/NONE → overall is LOW

  58. 

  59. ---

  60. 

  61. ### 3. Aggregate Compliance Status

  62. 

  63. ```javascript

  64. const allCompliance = {};

  65. 

  66. domains.forEach((domain) => {

  67.   const compliance = assessments[domain].compliance;

  68.   Object.entries(compliance).forEach(([standard, status]) => {

  69.     if (!allCompliance[standard]) {

  70.       allCompliance[standard] = [];

  71.     }

  72.     allCompliance[standard].push({ domain, status });

  73.   });

  74. });

  75. 

  76. // Determine overall compliance per standard

  77. const complianceSummary = {};

  78. Object.entries(allCompliance).forEach(([standard, statuses]) => {

  79.   const hasFail = statuses.some((s) => s.status === 'FAIL');

  80.   const hasPartial = statuses.some((s) => s.status === 'PARTIAL' || s.status === 'CONCERN');

  81. 

  82.   complianceSummary[standard] = hasFail ? 'FAIL' : hasPartial ? 'PARTIAL' : 'PASS';

  83. });

  84. ```

  85. 

  86. ---

  87. 

  88. ### 4. Identify Cross-Domain Risks

  89. 

  90. **Look for risks that span multiple domains:**

  91. 

  92. ```javascript

  93. const crossDomainRisks = [];

  94. 

  95. // Example: Performance + Scalability issue

  96. const perfConcerns = assessments.performance.findings.filter((f) => f.status !== 'PASS');

  97. const scaleConcerns = assessments.scalability.findings.filter((f) => f.status !== 'PASS');

  98. if (perfConcerns.length > 0 && scaleConcerns.length > 0) {

  99.   crossDomainRisks.push({

  100.     domains: ['performance', 'scalability'],

  101.     description: 'Performance issues may worsen under scale',

  102.     impact: 'HIGH',

  103.   });

  104. }

  105. 

  106. // Example: Security + Reliability issue

  107. const securityFails = assessments.security.findings.filter((f) => f.status === 'FAIL');

  108. const reliabilityConcerns = assessments.reliability.findings.filter((f) => f.status !== 'PASS');

  109. if (securityFails.length > 0 && reliabilityConcerns.length > 0) {

  110.   crossDomainRisks.push({

  111.     domains: ['security', 'reliability'],

  112.     description: 'Security vulnerabilities may cause reliability incidents',

  113.     impact: 'CRITICAL',

  114.   });

  115. }

  116. ```

  117. 

  118. ---

  119. 

  120. ### 5. Aggregate Priority Actions

  121. 

  122. ```javascript

  123. const allPriorityActions = domains.flatMap((domain) =>

  124.   assessments[domain].priority_actions.map((action) => ({

  125.     domain,

  126.     action,

  127.     urgency: assessments[domain].risk_level === 'HIGH' ? 'URGENT' : 'NORMAL',

  128.   })),

  129. );

  130. 

  131. // Sort by urgency

  132. const prioritizedActions = allPriorityActions.sort((a, b) => (a.urgency === 'URGENT' ? -1 : 1));

  133. ```

  134. 

  135. ---

  136. 

  137. ### 6. Generate Executive Summary

  138. 

  139. ```javascript

  140. const resolvedMode = subagentContext?.execution?.resolvedMode ?? 'unknown';

  141. const subagentExecutionLabel =

  142.   resolvedMode === 'sequential'

  143.     ? 'SEQUENTIAL (4 NFR domains)'

  144.     : resolvedMode === 'agent-team'

  145.       ? 'AGENT-TEAM (4 NFR domains)'

  146.       : resolvedMode === 'subagent'

  147.         ? 'SUBAGENT (4 NFR domains)'

  148.         : 'MODE-DEPENDENT (4 NFR domains)';

  149. 

  150. const performanceGainLabel =

  151.   resolvedMode === 'sequential'

  152.     ? 'baseline (no parallel speedup)'

  153.     : resolvedMode === 'agent-team' || resolvedMode === 'subagent'

  154.       ? '~67% faster than sequential'

  155.       : 'mode-dependent';

  156. 

  157. const executiveSummary = {

  158.   overall_risk: overallRisk,

  159.   assessment_date: new Date().toISOString(),

  160. 

  161.   domain_assessments: assessments,

  162. 

  163.   compliance_summary: complianceSummary,

  164. 

  165.   cross_domain_risks: crossDomainRisks,

  166. 

  167.   priority_actions: prioritizedActions,

  168. 

  169.   risk_breakdown: {

  170.     security: assessments.security.risk_level,

  171.     performance: assessments.performance.risk_level,

  172.     reliability: assessments.reliability.risk_level,

  173.     scalability: assessments.scalability.risk_level,

  174.   },

  175. 

  176.   subagent_execution: subagentExecutionLabel,

  177.   performance_gain: performanceGainLabel,

  178. };

  179. 

  180. // Save for Step 5 (report generation)

  181. fs.writeFileSync('/tmp/tea-nfr-summary-{{timestamp}}.json', JSON.stringify(executiveSummary, null, 2), 'utf8');

  182. ```

  183. 

  184. ---

  185. 

  186. ### 7. Display Summary to User

  187. 

  188. ```

  189. ✅ NFR Evidence Audit Complete ({subagentExecutionLabel})

  190. 

  191. 🎯 Overall Risk Level: {overallRisk}

  192. 

  193. 📊 Domain Risk Breakdown:

  194. - Security:      {security_risk}

  195. - Performance:   {performance_risk}

  196. - Reliability:   {reliability_risk}

  197. - Scalability:   {scalability_risk}

  198. 

  199. ✅ Compliance Summary:

  200. {list standards with PASS/PARTIAL/FAIL}

  201. 

  202. ⚠️ Cross-Domain Risks: {cross_domain_risk_count}

  203. 

  204. 🎯 Priority Actions: {priority_action_count}

  205. 

  206. 🚀 Performance: {performanceGainLabel}

  207. 

  208. ✅ Ready for report generation (Step 5)

  209. ```

  210. 

  211. ---

  212. 

  213. ---

  214. 

  215. ### 8. Save Progress

  216. 

  217. **Save this step's accumulated work to `{outputFile}`.**

  218. 

  219. - **If `{outputFile}` does not exist** (first save), create it using the workflow template (if available) with YAML frontmatter:

  220. 

  221.   ```yaml

  222.   ---

  223.   stepsCompleted: ['step-04e-aggregate-nfr']

  224.   lastStep: 'step-04e-aggregate-nfr'

  225.   lastSaved: '{date}'

  226.   ---

  227.   ```

  228. 

  229.   Then write this step's output below the frontmatter.

  230. 

  231. - **If `{outputFile}` already exists**, update:

  232.   - Add `'step-04e-aggregate-nfr'` to `stepsCompleted` array (only if not already present)

  233.   - Set `lastStep: 'step-04e-aggregate-nfr'`

  234.   - Set `lastSaved: '{date}'`

  235.   - Append this step's output to the appropriate section of the document.

  236. 

  237. ---

  238. 

  239. ## EXIT CONDITION

  240. 

  241. Proceed to Step 5 when:

  242. 

  243. - ✅ All subagent outputs read

  244. - ✅ Overall risk calculated

  245. - ✅ Compliance aggregated

  246. - ✅ Summary saved

  247. - ✅ Progress saved to output document

  248. 

  249. Load next step: `{nextStepFile}`

  250. 

  251. ---

  252. 

  253. ## 🚨 SYSTEM SUCCESS METRICS

  254. 

  255. ### ✅ SUCCESS:

  256. 

  257. - All 4 NFR domains aggregated correctly

  258. - Overall risk level determined

  259. - Executive summary complete

  260. 

  261. ### ❌ FAILURE:

  262. 

  263. - Failed to read subagent outputs

  264. - Risk calculation incorrect