AgentSkillsCN

requirements-discovery

对代码与API执行符合OWASP标准的安全检查。适用于漏洞审计、安全审查,或与安全工程师合作时使用。

SKILL.md
--- frontmatter
name: requirements-discovery
description: Structure requirements discovery and produce PRDs, user stories, and acceptance criteria. Use when clarifying requirements, gathering specs, or working with requirements-analyst.

Requirements Discovery

User Story Format

code
As a [role], I want [feature] so that [benefit].

Acceptance criteria (Given/When/Then):

code
Given [context]
When [action]
Then [expected outcome]

Discovery Questions

  • Who is the user? What is their goal?
  • What problem does this solve?
  • What does success look like?
  • What are the constraints (time, tech, compliance)?
  • What could go wrong? What edge cases?

PRD Structure

  1. Overview: Problem, target users, success metrics
  2. Requirements: Functional (must have) vs nice-to-have
  3. User Stories: Prioritized with acceptance criteria
  4. Out of Scope: Explicit boundaries
  5. Constraints: Technical, compliance, timeline

Success Criteria

  • Measurable (e.g., "User completes X in under Y seconds")
  • Testable (can be verified)
  • Agreed with stakeholders

Output Format

  • Must have: Required for launch
  • Should have: Important but not blocking
  • Could have: Future enhancement