NewFlame, an assistant that learns and improves. Available on

validate-architecture

adolfoaranaes12/validate-architecture

Planning

About

SKILL.md

validate-architecture

adolfoaranaes12/validate-architecture

Planning

About

Validate architecture document completeness and quality against comprehensive checklist...

SKILL.md

Validate Architecture

Purpose

Validate architecture documents for completeness, quality, and adherence to best practices. Generates comprehensive validation report with quality score, identified gaps, and prioritized recommendations for improvement.

Core Principles:

Comprehensive checklists: Cover all architectural dimensions
Objective scoring: Consistent, repeatable quality measurement
Actionable feedback: Specific, prioritized improvements
Adapt to context: Different criteria for different project types

Prerequisites

Architecture document exists (docs/architecture.md or specified path)
Architecture follows standard structure (see create-architecture skill)

Workflow

1. Load Architecture Document

Action: Read architecture document using bmad-commands

Execute:

python .claude/skills/bmad-commands/scripts/read_file.py \
  --path {architecture_file} \
  --output json

Parse document to extract:

Present sections
Technology stack components
ADRs count and quality
NFRs coverage
Security considerations
Scalability mentions

2. Detect Project Type

Auto-detect from architecture content:

Frontend indicators:

Component architecture section
State management discussion
UI/routing mentions
Frontend technologies (React, Vue, etc.)

Backend indicators:

API design section
Service layer architecture
Database/data layer
Backend technologies (Node, Python, etc.)

Fullstack indicators:

Both frontend and backend sections
Integration/API contract sections
End-to-end authentication flow
Full stack technologies (Next.js, etc.)

If unable to detect: Prompt for project_type parameter

3. Run Completeness Checklist

Validate required sections based on project type:

Universal Sections (All Types)

✅ System Overview (purpose, users, features)
✅ Technology Stack (with justifications)
✅ Deployment Architecture
✅ Security Architecture
✅ Architecture Decision Records (≥3)

Frontend-Specific Sections

✅ Component Architecture
✅ State Management Strategy
✅ Routing Design
✅ Styling Approach
✅ Build & Deployment Pipeline

Backend-Specific Sections

✅ API Design (REST/GraphQL/tRPC)
✅ Service Layer Architecture
✅ Data Architecture & Modeling
✅ Integration Patterns
✅ Error Handling Strategy

Fullstack-Specific Sections

✅ End-to-End Integration
✅ API Contracts/Type Safety
✅ Authentication & Authorization Flow
✅ Frontend-Backend Communication
✅ Unified Deployment Strategy

Score: +10 points per required section present

See: references/validation-rules.md for complete validation criteria and scoring rubrics

4. Validate Technology Stack

Check that all technology choices:

✅ Are documented (not just mentioned)
✅ Have justifications (why this choice?)
✅ List alternatives considered
✅ Explain trade-offs
✅ Are appropriate for project scale

Scoring:

All choices justified: +15 points
Most choices justified: +10 points
Some justified: +5 points
None justified: 0 points

Flag unjustified technologies as gaps

5. Assess NFR Coverage

Verify Non-Functional Requirements addressed:

NFR Category	Required Elements
Performance	Response time targets, optimization strategies
Scalability	User growth plan, bottleneck identification
Security	Auth/authz, encryption, compliance
Reliability	Availability targets, fault tolerance
Maintainability	Code organization, testing strategy

Scoring:

All NFRs addressed: +15 points
Most NFRs addressed: +10 points
Some NFRs addressed: +5 points
Few/none addressed: 0 points

See: references/validation-rules.md for NFR validation criteria

6. Evaluate ADRs Quality

Check Architecture Decision Records:

Quantity:

≥10 ADRs: +10 points
5-9 ADRs: +7 points
3-4 ADRs: +5 points
<3 ADRs: 0 points

Quality (sample 3-5 ADRs):

✅ Context clearly stated
✅ Decision explicitly stated
✅ Alternatives considered (≥2)
✅ Rationale provided
✅ Consequences documented

Well-formed ADRs: +5 points Partial ADRs: +2 points Poor ADRs: 0 points

7. Check Security Posture

Validate security considerations:

✅ Authentication mechanism defined
✅ Authorization strategy documented
✅ Data encryption (at rest, in transit)
✅ Input validation approach
✅ Security best practices mentioned
✅ Compliance requirements (if applicable)

Scoring:

Comprehensive security: +10 points
Basic security: +5 points
Minimal security: 0 points

Critical gap: Missing security section

8. Assess Scalability Planning

Check scalability considerations:

✅ User growth projections
✅ Scaling strategy (horizontal/vertical)
✅ Bottleneck identification
✅ Load balancing approach
✅ Database scaling plan
✅ Caching strategy

Scoring:

Detailed scalability plan: +10 points
Basic scalability mentions: +5 points
No scalability planning: 0 points

9. Validate Deployment Strategy

Check deployment architecture:

✅ Deployment platform specified
✅ Environment strategy (dev, staging, prod)
✅ CI/CD pipeline outlined
✅ Monitoring and observability
✅ Backup and disaster recovery

Scoring:

Comprehensive deployment: +10 points
Basic deployment: +5 points
Missing deployment: 0 points

10. Calculate Quality Score

Total possible points: 100

Score breakdown:

Completeness (sections): 30-40 points (varies by type)
Technology justifications: 15 points
NFR coverage: 15 points
ADRs quantity & quality: 15 points
Security posture: 10 points
Scalability planning: 10 points
Deployment strategy: 10 points

Quality Grades:

90-100: Excellent (A)
80-89: Good (B)
70-79: Acceptable (C)
60-69: Needs Improvement (D)
<60: Insufficient (F)

Validation passes if score ≥70

11. Identify Gaps

Categorize identified gaps:

Critical Gaps (blocking):

Missing security section
No technology justifications
Fewer than 3 ADRs
Zero NFR coverage

Major Gaps (important):

Missing key sections for project type
Poor ADR quality
Minimal security details
No scalability planning

Minor Gaps (nice-to-have):

Incomplete deployment details
Missing diagrams
Light monitoring discussion

Priority: Critical → Major → Minor

12. Generate Recommendations

Based on identified gaps, provide actionable recommendations:

Recommendation format:

**Priority:** Critical | Major | Minor
**Gap:** [Specific missing element]
**Recommendation:** [Concrete action to take]
**Impact:** [Why this matters]
**Effort:** [Estimated time to address]

Example:

**Priority:** Critical
**Gap:** Security architecture section missing
**Recommendation:** Add security architecture section covering authentication, authorization, encryption, and input validation
**Impact:** Security is fundamental for production readiness
**Effort:** 2-3 hours

See: references/templates.md for recommendation and report templates

13. Generate Validation Report

Create comprehensive validation report:

# Architecture Validation Report

**Architecture:** [file path]
**Project Type:** [detected type]
**Validation Date:** [timestamp]
**Validation Result:** PASS | FAIL

---

## Quality Score: [score]/100

**Grade:** [A/B/C/D/F]

**Score Breakdown:**
- Completeness: [X]/40
- Technology Stack: [X]/15
- NFR Coverage: [X]/15
- ADRs: [X]/15
- Security: [X]/10
- Scalability: [X]/10
- Deployment: [X]/10

---

## Sections Present

✅ System Overview
✅ Component Architecture (Frontend)
✅ Technology Stack
❌ Security Architecture (MISSING)
⚠️  Scalability Plan (Incomplete)

---

## Gaps Identified

### Critical Gaps
1. Security architecture section missing
2. No NFR coverage

### Major Gaps
3. Only 2 ADRs (minimum 3 required)
4. Technology choices not justified

### Minor Gaps
5. Monitoring not discussed
6. Disaster recovery not mentioned

---

## Recommendations

### 1. Add Security Architecture (Critical)
**Gap:** Security section missing
**Action:** Document authentication, authorization, encryption, input validation
**Impact:** Production readiness blocker
**Effort:** 2-3 hours

### 2. Address NFRs (Critical)
**Gap:** Zero NFR coverage
**Action:** Add sections for performance targets, scalability plan, reliability targets
**Impact:** Architecture may not meet requirements
**Effort:** 1-2 hours

[... continue for all gaps ...]

---

## Summary

**Overall Assessment:** [Summary paragraph]

**Next Steps:**
1. Address all critical gaps
2. Address major gaps
3. Re-run validation
4. Proceed to implementation when score ≥70

---

**Validation Tool:** BMAD Enhanced validate-architecture skill
**Validated by:** Winston (Architect)

Common Scenarios

Scenario 1: High-Quality Architecture (Score 85+)

Result: PASS with minor recommendations Action: Proceed to implementation, optionally address minor gaps

Scenario 2: Acceptable Architecture (Score 70-79)

Result: PASS with major recommendations Action: Address major gaps before implementation

Scenario 3: Insufficient Architecture (Score <70)

Result: FAIL Action: Address all critical and major gaps, then re-validate

Scenario 4: Missing Critical Sections

Result: FAIL (auto-fail for missing critical sections) Action: Add missing sections, re-validate

Strict Mode

When enabled (--strict):

Minimum score: 80 (instead of 70)
All major gaps must be addressed
ADR quality rigorously checked
More detailed NFR validation

Use strict mode for:

Production systems
High-complexity projects
Compliance-sensitive applications
Enterprise deployments

Best Practices

Run early and often - Validate during architecture creation, not after
Address critical gaps immediately - Don't proceed with critical gaps
Iterate - Re-validate after addressing gaps
Use as checklist - Reference validation checklist while creating architecture
Don't over-optimize - Score of 70-80 is usually sufficient for implementation

Reference Files

references/validation-rules.md - Comprehensive validation rules, scoring criteria, and rubrics for all dimensions
references/templates.md - Validation report templates, recommendation formats, and output structures
references/examples.md - Complete validation examples showing PASS (85/100), borderline PASS (72/100), and FAIL (42/100) scenarios

When to Escalate

Escalate to user when:

Architecture file not found or unreadable
Unable to detect project type automatically
Score is below 50 (major rework needed)
Critical compliance issues detected
Architecture deviates significantly from standards

Part of BMAD Enhanced Quality Suite

About

SKILL.md

About

Validate architecture document completeness and quality against comprehensive checklist...

SKILL.md

Validate Architecture

Purpose

Core Principles:

Comprehensive checklists: Cover all architectural dimensions
Objective scoring: Consistent, repeatable quality measurement
Actionable feedback: Specific, prioritized improvements
Adapt to context: Different criteria for different project types

Prerequisites

Architecture document exists (docs/architecture.md or specified path)
Architecture follows standard structure (see create-architecture skill)

Workflow

1. Load Architecture Document

Action: Read architecture document using bmad-commands

Execute:

python .claude/skills/bmad-commands/scripts/read_file.py \
  --path {architecture_file} \
  --output json

Parse document to extract:

Present sections
Technology stack components
ADRs count and quality
NFRs coverage
Security considerations
Scalability mentions

2. Detect Project Type

Auto-detect from architecture content:

Frontend indicators:

Component architecture section
State management discussion
UI/routing mentions
Frontend technologies (React, Vue, etc.)

Backend indicators:

API design section
Service layer architecture
Database/data layer
Backend technologies (Node, Python, etc.)

Fullstack indicators:

Both frontend and backend sections
Integration/API contract sections
End-to-end authentication flow
Full stack technologies (Next.js, etc.)

If unable to detect: Prompt for project_type parameter

3. Run Completeness Checklist

Validate required sections based on project type:

Universal Sections (All Types)

✅ System Overview (purpose, users, features)
✅ Technology Stack (with justifications)
✅ Deployment Architecture
✅ Security Architecture
✅ Architecture Decision Records (≥3)

Frontend-Specific Sections

✅ Component Architecture
✅ State Management Strategy
✅ Routing Design
✅ Styling Approach
✅ Build & Deployment Pipeline

Backend-Specific Sections

✅ API Design (REST/GraphQL/tRPC)
✅ Service Layer Architecture
✅ Data Architecture & Modeling
✅ Integration Patterns
✅ Error Handling Strategy

Fullstack-Specific Sections

✅ End-to-End Integration
✅ API Contracts/Type Safety
✅ Authentication & Authorization Flow
✅ Frontend-Backend Communication
✅ Unified Deployment Strategy

Score: +10 points per required section present

See: references/validation-rules.md for complete validation criteria and scoring rubrics

4. Validate Technology Stack

Check that all technology choices:

✅ Are documented (not just mentioned)
✅ Have justifications (why this choice?)
✅ List alternatives considered
✅ Explain trade-offs
✅ Are appropriate for project scale

Scoring:

All choices justified: +15 points
Most choices justified: +10 points
Some justified: +5 points
None justified: 0 points

Flag unjustified technologies as gaps

5. Assess NFR Coverage

Verify Non-Functional Requirements addressed:

NFR Category	Required Elements
Performance	Response time targets, optimization strategies
Scalability	User growth plan, bottleneck identification
Security	Auth/authz, encryption, compliance
Reliability	Availability targets, fault tolerance
Maintainability	Code organization, testing strategy

Scoring:

All NFRs addressed: +15 points
Most NFRs addressed: +10 points
Some NFRs addressed: +5 points
Few/none addressed: 0 points

See: references/validation-rules.md for NFR validation criteria

6. Evaluate ADRs Quality

Check Architecture Decision Records:

Quantity:

≥10 ADRs: +10 points
5-9 ADRs: +7 points
3-4 ADRs: +5 points
<3 ADRs: 0 points

Quality (sample 3-5 ADRs):

✅ Context clearly stated
✅ Decision explicitly stated
✅ Alternatives considered (≥2)
✅ Rationale provided
✅ Consequences documented

Well-formed ADRs: +5 points Partial ADRs: +2 points Poor ADRs: 0 points

7. Check Security Posture

Validate security considerations:

✅ Authentication mechanism defined
✅ Authorization strategy documented
✅ Data encryption (at rest, in transit)
✅ Input validation approach
✅ Security best practices mentioned
✅ Compliance requirements (if applicable)

Scoring:

Comprehensive security: +10 points
Basic security: +5 points
Minimal security: 0 points

Critical gap: Missing security section

8. Assess Scalability Planning

Check scalability considerations:

✅ User growth projections
✅ Scaling strategy (horizontal/vertical)
✅ Bottleneck identification
✅ Load balancing approach
✅ Database scaling plan
✅ Caching strategy

Scoring:

Detailed scalability plan: +10 points
Basic scalability mentions: +5 points
No scalability planning: 0 points

9. Validate Deployment Strategy

Check deployment architecture:

✅ Deployment platform specified
✅ Environment strategy (dev, staging, prod)
✅ CI/CD pipeline outlined
✅ Monitoring and observability
✅ Backup and disaster recovery

Scoring:

Comprehensive deployment: +10 points
Basic deployment: +5 points
Missing deployment: 0 points

10. Calculate Quality Score

Total possible points: 100

Score breakdown:

Completeness (sections): 30-40 points (varies by type)
Technology justifications: 15 points
NFR coverage: 15 points
ADRs quantity & quality: 15 points
Security posture: 10 points
Scalability planning: 10 points
Deployment strategy: 10 points

Quality Grades:

90-100: Excellent (A)
80-89: Good (B)
70-79: Acceptable (C)
60-69: Needs Improvement (D)
<60: Insufficient (F)

Validation passes if score ≥70

11. Identify Gaps

Categorize identified gaps:

Critical Gaps (blocking):

Missing security section
No technology justifications
Fewer than 3 ADRs
Zero NFR coverage

Major Gaps (important):

Missing key sections for project type
Poor ADR quality
Minimal security details
No scalability planning

Minor Gaps (nice-to-have):

Incomplete deployment details
Missing diagrams
Light monitoring discussion

Priority: Critical → Major → Minor

12. Generate Recommendations

Based on identified gaps, provide actionable recommendations:

Recommendation format:

**Priority:** Critical | Major | Minor
**Gap:** [Specific missing element]
**Recommendation:** [Concrete action to take]
**Impact:** [Why this matters]
**Effort:** [Estimated time to address]

Example:

**Priority:** Critical
**Gap:** Security architecture section missing
**Recommendation:** Add security architecture section covering authentication, authorization, encryption, and input validation
**Impact:** Security is fundamental for production readiness
**Effort:** 2-3 hours

See: references/templates.md for recommendation and report templates

13. Generate Validation Report

Create comprehensive validation report:

# Architecture Validation Report

**Architecture:** [file path]
**Project Type:** [detected type]
**Validation Date:** [timestamp]
**Validation Result:** PASS | FAIL

---

## Quality Score: [score]/100

**Grade:** [A/B/C/D/F]

**Score Breakdown:**
- Completeness: [X]/40
- Technology Stack: [X]/15
- NFR Coverage: [X]/15
- ADRs: [X]/15
- Security: [X]/10
- Scalability: [X]/10
- Deployment: [X]/10

---

## Sections Present

✅ System Overview
✅ Component Architecture (Frontend)
✅ Technology Stack
❌ Security Architecture (MISSING)
⚠️  Scalability Plan (Incomplete)

---

## Gaps Identified

### Critical Gaps
1. Security architecture section missing
2. No NFR coverage

### Major Gaps
3. Only 2 ADRs (minimum 3 required)
4. Technology choices not justified

### Minor Gaps
5. Monitoring not discussed
6. Disaster recovery not mentioned

---

## Recommendations

### 1. Add Security Architecture (Critical)
**Gap:** Security section missing
**Action:** Document authentication, authorization, encryption, input validation
**Impact:** Production readiness blocker
**Effort:** 2-3 hours

### 2. Address NFRs (Critical)
**Gap:** Zero NFR coverage
**Action:** Add sections for performance targets, scalability plan, reliability targets
**Impact:** Architecture may not meet requirements
**Effort:** 1-2 hours

[... continue for all gaps ...]

---

## Summary

**Overall Assessment:** [Summary paragraph]

**Next Steps:**
1. Address all critical gaps
2. Address major gaps
3. Re-run validation
4. Proceed to implementation when score ≥70

---

**Validation Tool:** BMAD Enhanced validate-architecture skill
**Validated by:** Winston (Architect)

Common Scenarios

Scenario 1: High-Quality Architecture (Score 85+)

Result: PASS with minor recommendations Action: Proceed to implementation, optionally address minor gaps

Scenario 2: Acceptable Architecture (Score 70-79)

Result: PASS with major recommendations Action: Address major gaps before implementation

Scenario 3: Insufficient Architecture (Score <70)

Result: FAIL Action: Address all critical and major gaps, then re-validate

Scenario 4: Missing Critical Sections

Result: FAIL (auto-fail for missing critical sections) Action: Add missing sections, re-validate

Strict Mode

When enabled (--strict):

Minimum score: 80 (instead of 70)
All major gaps must be addressed
ADR quality rigorously checked
More detailed NFR validation

Use strict mode for:

Production systems
High-complexity projects
Compliance-sensitive applications
Enterprise deployments

Best Practices

Run early and often - Validate during architecture creation, not after
Address critical gaps immediately - Don't proceed with critical gaps
Iterate - Re-validate after addressing gaps
Use as checklist - Reference validation checklist while creating architecture
Don't over-optimize - Score of 70-80 is usually sufficient for implementation

Reference Files

references/validation-rules.md - Comprehensive validation rules, scoring criteria, and rubrics for all dimensions
references/templates.md - Validation report templates, recommendation formats, and output structures
references/examples.md - Complete validation examples showing PASS (85/100), borderline PASS (72/100), and FAIL (42/100) scenarios

When to Escalate

Escalate to user when:

Architecture file not found or unreadable
Unable to detect project type automatically
Score is below 50 (major rework needed)
Critical compliance issues detected
Architecture deviates significantly from standards

Part of BMAD Enhanced Quality Suite