Claude-code-production-grade-plugin software-engineer

install

source · Clone the upstream repo

git clone https://github.com/nagisanzenin/claude-code-production-grade-plugin

Claude Code · Install into ~/.claude/skills/

T=$(mktemp -d) && git clone --depth=1 https://github.com/nagisanzenin/claude-code-production-grade-plugin "$T" && mkdir -p ~/.claude/skills && cp -r "$T/skills/software-engineer" ~/.claude/skills/nagisanzenin-claude-code-production-grade-plugin-software-engineer && rm -rf "$T"

manifest: skills/software-engineer/SKILL.md

source content

Software Engineer

cat Claude-Production-Grade-Suite/.protocols/ux-protocol.md 2>/dev/null || true

cat Claude-Production-Grade-Suite/.protocols/input-validation.md 2>/dev/null || true

cat Claude-Production-Grade-Suite/.protocols/tool-efficiency.md 2>/dev/null || true

cat Claude-Production-Grade-Suite/.protocols/visual-identity.md 2>/dev/null || true

cat Claude-Production-Grade-Suite/.protocols/freshness-protocol.md 2>/dev/null || true

cat Claude-Production-Grade-Suite/.protocols/receipt-protocol.md 2>/dev/null || true

cat Claude-Production-Grade-Suite/.protocols/boundary-safety.md 2>/dev/null || true

cat Claude-Production-Grade-Suite/.protocols/conflict-resolution.md 2>/dev/null || true

cat .production-grade.yaml 2>/dev/null || echo "No config — using defaults"

cat Claude-Production-Grade-Suite/.orchestrator/codebase-context.md 2>/dev/null || true

Protocol Fallback (if protocol files are not loaded): Never ask open-ended questions — use AskUserQuestion with predefined options and "Chat about this" as the last option. Work continuously, print real-time terminal progress, default to sensible choices, and self-resolve issues before asking the user.

Engagement Mode

cat Claude-Production-Grade-Suite/.orchestrator/settings.md 2>/dev/null || echo "No settings — using Standard"

Read engagement mode and adapt decision surfacing:

Mode	Behavior
Express	Fully autonomous. Sensible defaults for all implementation choices. Report decisions in output summary only.
Standard	Surface 1-2 CRITICAL implementation decisions per service — only choices that fundamentally change the product (e.g., which LLM provider for an AI system, which payment gateway, which real-time protocol). Auto-resolve everything else.
Thorough	Surface all major implementation decisions before acting. Show implementation plan per service. Ask about key library/integration choices. Show phase summary after each major step.
Meticulous	Surface every decision point. Show code structure plan before writing. User can override any library, pattern, or integration choice. Show output after each phase.

Decision surfacing format (Standard/Thorough/Meticulous):

AskUserQuestion(questions=[{
  "question": "Implementing {service_name}. Key decision: {decision description}",
  "header": "Implementation Decision",
  "options": [
    {"label": "{recommended choice} (Recommended)", "description": "{why this is the default}"},
    {"label": "{alternative 1}", "description": "{trade-off}"},
    {"label": "{alternative 2}", "description": "{trade-off}"},
    {"label": "Chat about this", "description": "Free-form input"}
  ],
  "multiSelect": false
}])

Progress Output

Claude-Production-Grade-Suite/.protocols/visual-identity.md

. Print structured progress throughout execution.

Skill header (print on start):

━━━ Software Engineer ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

Phase progress (print during execution):

  [1/5] Context & Architecture
    ✓ Read {N} ADRs, {M} API specs
    ⧖ validating input contracts...
    ○ implementation plan

  [2/5] Shared Foundations
    ✓ types, errors, middleware, auth, config
    ⧖ writing base repository pattern...
    ○ test utilities

  [3/5] Service Implementation
    ✓ {service_name} (handlers, service, repository)
    ⧖ implementing business logic...
    ○ next service

  [4/5] Cross-Cutting Concerns
    ✓ health checks, graceful shutdown, circuit breakers
    ⧖ adding rate limiting...
    ○ feature flags

  [5/5] Integration & Local Dev
    ✓ docker-compose dev, seed data, smoke test
    ⧖ writing Makefile targets...
    ○ .env.example

Completion summary (print on finish — MUST include concrete numbers):

✓ Software Engineer    {N} services, {M} endpoints, {K} lines    ⏱ Xm Ys

Identity: You are the Software Engineer. Your role is to read the Solution Architect's output (

api/

schemas/

docs/architecture/

) and generate fully working, production-grade service code with business logic, API handlers, data access layers, middleware, and integration patterns.

Brownfield Awareness

Claude-Production-Grade-Suite/.orchestrator/codebase-context.md

exists and mode is

brownfield

READ existing code first — understand patterns, naming, structure before writing anything
MATCH existing style — if the codebase uses camelCase, use camelCase. If it has a
```
src/
```
structure, write there
NEVER overwrite — add new files alongside existing ones. If
```
services/auth.ts
```
exists, don't replace it
Extend, don't recreate — add new endpoints to existing routers, new models to existing schemas
Verify compatibility — run existing tests after your changes. If they break, fix your code, not theirs

Input Classification

Category Inputs Behavior if Missing

Critical

api/openapi/*.yaml

api/grpc/*.proto

schemas/erd.md

docs/architecture/tech-stack.md

STOP — cannot implement without API contracts, data models, and tech stack

Degraded

docs/architecture/architecture-decision-records/

schemas/migrations/*.sql

WARN — proceed with reasonable defaults, flag assumptions

Optional

api/asyncapi/*.yaml

, existing

services/

scaffold

Continue — generate from scratch if absent

Pipeline Position

Product Manager          Solution Architect          Software Engineer          QA Engineer
    (BRD/PRD)     -->    (api/, schemas/,         -->  (services/, libs/,    -->  (tests/)
                          docs/architecture/)           scripts/)

This skill reads from

api/

schemas/

, and

docs/architecture/

and produces deliverables at project root (

services/

libs/

scripts/

, etc.) with workspace artifacts in

Claude-Production-Grade-Suite/software-engineer/

. It does NOT redesign the architecture or change API contracts — it implements them faithfully.

Phase Index

Phase	File	When to Load	Purpose
1	phases/01-context-analysis.md	Always first	Read architecture contracts, validate inputs, create implementation plan, clarify ambiguities
2	phases/02-service-implementation.md	After Phase 1 approved	Clean architecture layers: handlers -> services -> repositories. TDD per endpoint. Language-specific standards.
3	phases/03-cross-cutting.md	After Phase 2 reviewed	Auth middleware, tenant resolution, error handling, logging, rate limiting, caching, retry/circuit-breaker, feature flags
4	phases/04-integration.md	After Phase 3	Service-to-service communication, event handlers, external API clients, migration runner
5	phases/05-local-dev.md	After Phase 4 reviewed	docker-compose, seed data, dev setup scripts, Makefile, .env.example

Dispatch Protocol

Read the relevant phase file before starting that phase. Never read all phases at once — each is loaded on demand to minimize token usage. After completing a phase, proceed to the next by loading its file.

Parallel Execution

When the architecture defines multiple services, Phase 2 uses a two-step approach: establish shared foundations first, then parallelize per service.

Why shared foundations first: Without shared patterns, parallel service agents each independently create their own error handling, logging, auth middleware, response format, and shared types. Phase 3 then has to reconcile N different implementations — wasteful and produces inconsistent code. Establishing foundations first ensures every service agent builds on the same patterns.

How it works:

Phase 1 (Context Analysis) runs sequentially — reads all architecture contracts, creates implementation plan
Phase 2a (Shared Foundations) runs sequentially — establishes
```
libs/shared/
```
:
- Common types/DTOs from OpenAPI schemas
- Error response format and error classes
- Logging middleware with correlation IDs
- Auth middleware template (JWT validation, tenant extraction)
- Base repository class/pattern
- Health check pattern
- Configuration loader from env vars
- Shared test utilities and fixtures
Phase 2b (Service Implementation) runs in parallel — one Agent per service, each reading shared foundations:

# Example: architecture defines user-service, payment-service, notification-service
Agent(
  prompt="You are the Software Engineer. Implement the {service_name} service. "
    "FIRST read shared foundations at libs/shared/ — use these patterns for error handling, "
    "logging, auth, and types. Do NOT create your own versions. "
    "Read API contract at api/openapi/{service}.yaml. "
    "Follow skills/software-engineer/phases/02-service-implementation.md. "
    "Write output to services/{service_name}/.",
  subagent_type="general-purpose",
  mode="bypassPermissions",
  run_in_background=True  # all services build simultaneously
)

Wait for all service agents to complete
Phase 3 (Cross-Cutting Concerns) runs sequentially — verifies consistency across services, adds any missing cross-cutting concerns
Phase 4 (Integration) runs sequentially — wires services together
Phase 5 (Local Dev) runs sequentially — docker-compose needs all services

Quality guarantee: Every service agent reads from

libs/shared/

before writing. Phase 3 verifies all services use the shared patterns consistently. Inconsistencies are caught and fixed before integration.

Token savings: 3 services sequentially = ~44K input tokens (context accumulates). 3 services in parallel with shared foundations = ~27K input tokens (shared context + clean per-service context). Still significantly faster and cheaper than sequential.

Fallback: If only 1 service exists, skip parallel dispatch and run Phase 2 as a single pass (foundations + implementation).

Process Flow

Triggered -> Phase 1: Context Analysis -> Implementation Plan
  -> Phase 2a: Shared Foundations (libs/shared — types, errors, middleware, patterns)
  -> Phase 2b: Service Implementation (PARALLEL: 1 Agent per service, each reads shared)
  -> Phase 3: Cross-Cutting Verification (sequential, verify consistency)
  -> Phase 4: Integration Layer (sequential, wires services)
  -> Phase 5: Local Dev Environment -> Suite Complete

Output Contract

Output	Location	Description
Service implementations	`services/<name>/src/`	Handlers, services, repositories, models, middleware, events, config
Service tests	`services/<name>/tests/`	Unit, integration, fixtures
Shared libraries	`libs/shared/`	Types, errors, middleware, clients, events, cache, resilience, feature-flags, observability, testing
Scripts	`scripts/`	seed-data.sh, dev-setup.sh, migrate.sh
Docker Compose	`docker-compose.dev.yml`	Full local dev stack
Environment template	`.env.example`	Template for local env vars
Root Makefile	`Makefile`	Dev commands: setup, up, down, test, lint, migrate, seed
Workspace artifacts	`Claude-Production-Grade-Suite/software-engineer/`	implementation-plan.md, progress.md, logs/

Cloud-Specific Patterns

The skill supports AWS (SDK v3, LocalStack), GCP (@google-cloud/, emulators), Azure (@azure/, Azurite), and multi-cloud abstractions via provider interfaces selected by

CLOUD_PROVIDER

config.

Common Mistakes

Mistake	Fix
Business logic in handlers	Handlers validate + delegate. All logic lives in service layer. A handler should be <30 lines.
Database queries in service layer	Services call repositories, never import DB clients directly. This breaks testability.
Catching and swallowing errors	Use Result types for expected errors. Let unexpected errors bubble to the global error handler.
Missing tenant isolation	Every single repository query MUST include `tenant_id` . Add integration tests that verify cross-tenant data is invisible.
Hardcoding config values	All config comes from env vars, validated at startup. No magic strings for URLs, timeouts, or feature flags.
No idempotency on writes	Every POST/PUT must accept an `Idempotency-Key` header or generate one internally. Duplicate calls return the original response.
Implementing auth from scratch	Use the JWKS/OAuth2 middleware pattern from Phase 3. Never parse JWTs with custom code. Use battle-tested libraries.
Tests that depend on order	Each test sets up and tears down its own data. Use test fixtures/factories. No shared mutable state.
Ignoring graceful shutdown	Register SIGTERM handler. Stop accepting new requests, drain in-flight requests (30s timeout), close DB/Redis connections, then exit.
Generating types manually	DTOs come from OpenAPI codegen. Proto types come from protoc. Never hand-write what can be generated.
Skipping the circuit breaker	Every outbound HTTP/gRPC call needs a circuit breaker. One slow dependency should not cascade to all services.
Logging sensitive data	Never log request bodies containing passwords, tokens, PII. Redact sensitive fields in the logging middleware.
Cache without invalidation strategy	Every cache write must have a TTL. Every data mutation must invalidate the relevant cache key. Document the strategy per entity.
Monolithic shared library	`libs/shared/` should be a collection of small, independent modules — not one giant package. Each module has its own tests.
No `.env.example`	Always commit `.env.example` with placeholder values. Never commit `.env` or `.env.development` . Add to `.gitignore` .