AgentSkillsCN

arch-review-guide

在审查或开发项目架构时使用此技能。为Kotlin、Python以及TypeScript/JavaScript中的架构违规检测、依赖方向规则,以及整体结构健康评估提供快速参考。

SKILL.md
--- frontmatter
name: arch-review-guide
description: Use this skill when reviewing or working on project architecture. Provides quick reference for architecture violation detection, dependency direction rules, and structural health assessment across Kotlin, Python, and TypeScript/JavaScript.

Architecture Review Quick Reference

This skill provides a condensed checklist for identifying architecture violations during code review or development.

When to Activate

  • Reviewing code that changes project structure or adds new modules
  • Working with dependency injection, layer boundaries, or module dependencies
  • Creating new packages, directories, or modules
  • Refactoring architecture (extracting services, separating layers)
  • Reviewing import statements for dependency direction compliance
  • Evaluating DTO/Entity separation or data flow patterns
  • Assessing microservice communication patterns

Core Principles

1. Dependencies Flow Inward

Outer layers depend on inner layers, never the reverse. Domain/core has zero outward dependencies.

code
[Controller/API] --> [Service/UseCase] --> [Domain/Entity] --> [nothing]
     ^                     ^                    ^
     |                     |                    |
[Infrastructure]    [Infrastructure]      [NEVER depends on outer]

2. Detect, Don't Prescribe

Report the detected architecture style. Don't force hexagonal on a simple CRUD app. Match analysis to project maturity.

3. Context Matters

Read surrounding code before flagging. A pattern that looks bad in isolation may be an intentional trade-off.

6-Step Analysis Workflow

StepNameWhat to Check
1Macro Structure DiscoveryBuild configs, module composition, project type
2Dependency Direction TrackingImport analysis, layer violation detection
3Package Structure & NamingNaming conventions, package-by-layer vs feature
4Data Modeling StrategyDTO/Entity separation, CQRS patterns
5MSA / Distributed SystemMessage brokers, service discovery, resilience
6Developer Intent & HealthGit history, test coverage, exception handling

Quick Reference by Violation Type

Critical Violations

IDViolationFixDetection
V-C1Domain depends on infrastructurePure domain model + separate persistence entityimport javax.persistence in domain/**
V-C2Circular module dependenciesShared events/interfaces, event-driven communicationBidirectional imports between modules
V-C3UseCase depends on concrete adapterDepend on port interfaces onlyimport adapter.* in usecase/**

High Violations

IDViolationFixDetection
V-H1Layer skipping (Controller -> Repository)Controller -> Service -> RepositoryRepository in controller/**
V-H2Entity exposed to APIMap to DTO before respondingResponseEntity<*Entity> in controllers
V-H3Business logic in controllerMove to service layercalculate/validate/process in controllers
V-H4Hard-coded dependencies (no DI)Constructor injection= new *Repository() or = *Service()

Medium Violations

IDViolationFixDetection
V-M1Inconsistent naming conventionFollow language conventions (PEP8, Kotlin style)class [a-z], def camelCase
V-M2Package structure inconsistencyChoose one: package-by-layer OR package-by-featureMixed controllers/ + order/ directories
V-M3God class / God moduleExtract responsibilities, apply SRPFiles > 500 lines, > 15 imports

Low Violations

IDViolationFixDetection
V-L1Missing architecture testsAdd ArchUnit / dependency-cruiserNo @ArchTest or dependency-cruiser
V-L2Missing API documentationAdd springdoc / swaggerNo openapi in build config
V-L3No error handling strategyAdd global exception handlerNo @ControllerAdvice / ExceptionFilter

Top 5 Most Common Architecture Violations

1. Domain Depends on Infrastructure (V-C1)

kotlin
// BAD: domain/model/Order.kt
import javax.persistence.Entity  // Infrastructure leak!

// GOOD: Pure domain model + infrastructure/persistence/OrderEntity.kt
data class Order(val id: OrderId, val customerId: CustomerId, val totalAmount: Money)

2. Controller Skipping Service Layer (V-H1)

kotlin
// BAD
@RestController
class OrderController(private val orderRepository: OrderRepository) { ... }

// GOOD
@RestController
class OrderController(private val orderService: OrderService) { ... }

3. Entity Exposed to API (V-H2)

python
# BAD
@router.get("/users/{id}")
async def get_user(id: int, db: Session = Depends(get_db)):
    return db.query(UserModel).get(id)  # Leaks all fields

# GOOD
@router.get("/users/{id}", response_model=UserResponse)
async def get_user(id: int, service: UserService = Depends()):
    return service.find_by_id(id)

4. Hard-coded Dependencies (V-H4)

typescript
// BAD
export class OrderService {
    private repo = new PostgresOrderRepo() // Tight coupling!
}

// GOOD
@Injectable()
export class OrderService {
    constructor(private readonly repo: OrderRepository) {}
}

5. Business Logic in Controller (V-H3)

kotlin
// BAD: Controller calculates, validates, notifies
@PostMapping("/orders")
fun createOrder(@RequestBody req: CreateOrderRequest): ResponseEntity<OrderDto> {
    val total = req.items.sumOf { it.price * it.quantity }
    if (total > 10000) notificationService.notifyAdmin("Large order")
    // ...
}

// GOOD: Delegate to service
@PostMapping("/orders")
fun createOrder(@RequestBody req: CreateOrderRequest): ResponseEntity<OrderDto> {
    return ResponseEntity.status(HttpStatus.CREATED).body(orderService.create(req))
}

Architecture Identification Matrix

SignalArchitecture Type
controller/, service/, repository/ dirsLayered
@Controller, @Service, @RepositoryLayered
port/, adapter/, usecase/ dirsHexagonal/Clean
domain/ with no outward importsHexagonal/Clean
views.py, models.py, urls.pyDjango MVT
modules/ with *.module.tsNestJS Modular

DTO Separation Maturity

LevelDescriptionQuality
0Entity used everywherePoor
1DTO exists but mixed with EntityFair
2DTO per layer (Request/Response/Domain)Good
3CQRS (Command/Query separation)Excellent

MSA Maturity Levels

LevelDescription
0Monolith - Single deployable unit
1Modular Monolith - Logically separated modules
2SOA - REST between services, possibly shared DB
3MSA - Independent DBs, message brokers, service discovery
4Event-Driven - Kafka/RabbitMQ primary, CQRS, Event Sourcing

Architecture Health Score

code
Base: 100 points

Deductions:
  Critical violation: -15 each
  High violation:     -8 each
  Medium violation:   -3 each
  Low violation:      -1 each

Bonuses:
  Architecture tests (ArchUnit):  +5
  API documentation:              +3
  Global exception handler:       +2
  Consistent naming:              +3
  DTO separation Level 2+:        +2

Rating:
  90-100: Excellent | 75-89: Good | 60-74: Fair | 40-59: Poor | 0-39: Critical

Severity Guide

SeverityWhen to Flag
CriticalCore architecture principle broken (dependency direction reversed, circular deps)
HighLayer boundaries crossed, entity leaked to API, business logic misplaced
MediumNaming inconsistency, package structure mixing, SRP violation
LowMissing best practice (architecture tests, API docs, error handler)

Detailed Guide

For detailed analysis methodology, Bad/Good code examples per violation, and detection patterns, refer to the guide below:

  • Architecture Review Guide - Full methodology including 6-step analysis workflow, Violation Checklist (V-C1~V-L3), and Health Score calculation

This skill (SKILL.md) serves as a quick reference. For in-depth analysis, use the guide's detection patterns and code examples.

Integration with Other Tools

  • Use /arch-review [target] command for structured analysis with full report
  • Use /analyze --focus architecture for broader multi-domain assessment
  • The arch-reviewer agent contains the complete methodology with all code examples
  • Use /perf-review for complementary performance-focused analysis
  • This skill provides quick reference during regular development

Remember: Architecture matters most at scale. For small CRUD apps, pragmatism beats purity. Always consider project maturity and team size when evaluating violations. Detect the intended architecture, validate conformance, and provide actionable feedback.