ReddRadar
Agent skill
deep-analysis
Analytical thinking patterns for comprehensive evaluation, code audits, security analysis, and performance reviews. Provides structured templates for thorough investigation with extended thinking support.
Install this agent skill to your Project
npx add-skill https://github.com/nicepkg/auto-company/tree/main/.claude/skills/deep-analysis
SKILL.md
Deep Analysis Skill
Comprehensive analytical templates for thorough investigation, audits, and evaluations leveraging extended thinking capabilities.
When to Use
- Code audits requiring systematic review
- Security assessments and threat modeling
- Performance analysis and optimization planning
- Architecture reviews and technical debt assessment
- Incident post-mortems and root cause analysis
- Compliance audits and risk assessments
Analysis Templates
Code Audit Template
## Code Audit Report
**Repository**: [repo-name]
**Scope**: [files/modules audited]
**Date**: [YYYY-MM-DD]
**Auditor**: Claude + [Human reviewer]
### Executive Summary
[2-3 sentence overview of findings]
### Audit Criteria
- [ ] Code quality and maintainability
- [ ] Security vulnerabilities
- [ ] Performance concerns
- [ ] Test coverage
- [ ] Documentation completeness
- [ ] Dependency health
### Critical Findings
| ID | Severity | Location | Issue | Recommendation |
|----|----------|----------|-------|----------------|
| C1 | Critical | file:line | [Issue] | [Fix] |
| C2 | Critical | file:line | [Issue] | [Fix] |
### High Priority Findings
| ID | Severity | Location | Issue | Recommendation |
|----|----------|----------|-------|----------------|
| H1 | High | file:line | [Issue] | [Fix] |
### Medium Priority Findings
[...]
### Low Priority / Suggestions
[...]
### Metrics
| Metric | Value | Target | Status |
|--------|-------|--------|--------|
| Test Coverage | 75% | 80% | ⚠️ |
| Cyclomatic Complexity | 12 | <10 | ⚠️ |
| Technical Debt | 4.2d | <3d | ❌ |
| Security Score | 8/10 | 9/10 | ⚠️ |
### Recommendations
1. **Immediate**: [Critical fixes]
2. **Short-term**: [Within sprint]
3. **Long-term**: [Tech debt reduction]
### Sign-off
- [ ] All critical issues addressed
- [ ] High priority issues have timeline
- [ ] Audit findings documented in backlog
Security Threat Model Template
## Threat Model: [System/Component Name]
**Version**: [1.0]
**Last Updated**: [YYYY-MM-DD]
**Classification**: [Internal/Confidential]
### System Overview
[Brief description of the system being modeled]
### Assets
| Asset | Description | Sensitivity | Owner |
|-------|-------------|-------------|-------|
| User Data | PII, credentials | Critical | Auth Team |
| API Keys | Service credentials | High | DevOps |
| Business Data | Transactions | High | Product |
### Trust Boundaries
┌─────────────────────────────────────────┐ │ External (Untrusted) │ │ [Internet Users] [Third-party APIs] │ └──────────────────┬──────────────────────┘ │ WAF/Load Balancer ┌──────────────────┴──────────────────────┐ │ DMZ (Semi-trusted) │ │ [API Gateway] [CDN] [Public Services] │ └──────────────────┬──────────────────────┘ │ Internal Firewall ┌──────────────────┴──────────────────────┐ │ Internal (Trusted) │ │ [App Servers] [Databases] [Queues] │ └─────────────────────────────────────────┘
### Threat Categories (STRIDE)
#### Spoofing
| Threat | Likelihood | Impact | Mitigation |
|--------|------------|--------|------------|
| Credential theft | Medium | High | MFA, rate limiting |
| Session hijacking | Low | High | Secure cookies, HTTPS |
#### Tampering
| Threat | Likelihood | Impact | Mitigation |
|--------|------------|--------|------------|
| SQL injection | Medium | Critical | Parameterized queries |
| Data modification | Low | High | Integrity checks |
#### Repudiation
[...]
#### Information Disclosure
[...]
#### Denial of Service
[...]
#### Elevation of Privilege
[...]
### Attack Vectors
1. **Vector 1**: [Description]
- Entry point: [Where]
- Technique: [How]
- Mitigation: [Defense]
### Risk Matrix
| Threat | Likelihood | Impact | Risk Score | Priority |
|--------|------------|--------|------------|----------|
| T1 | High | Critical | 9 | P1 |
| T2 | Medium | High | 6 | P2 |
| T3 | Low | Medium | 3 | P3 |
### Security Controls
| Control | Type | Status | Coverage |
|---------|------|--------|----------|
| WAF | Preventive | ✅ Active | External |
| SAST | Detective | ✅ CI/CD | Code |
| DAST | Detective | ⚠️ Partial | Runtime |
| Encryption | Preventive | ✅ Active | Data |
### Recommendations
1. [Priority 1 recommendations]
2. [Priority 2 recommendations]
3. [Priority 3 recommendations]
Performance Analysis Template
## Performance Analysis Report
**System**: [System name]
**Period**: [Date range]
**Environment**: [Production/Staging]
### Executive Summary
[Key findings and recommendations]
### Performance Metrics
#### Response Times
| Endpoint | P50 | P95 | P99 | Target | Status |
|----------|-----|-----|-----|--------|--------|
| /api/users | 45ms | 120ms | 350ms | <200ms | ✅ |
| /api/search | 230ms | 890ms | 2.1s | <500ms | ❌ |
| /api/reports | 1.2s | 3.4s | 8.2s | <2s | ❌ |
#### Throughput
| Service | Current RPS | Peak RPS | Capacity | Utilization |
|---------|-------------|----------|----------|-------------|
| API | 1,200 | 2,400 | 5,000 | 48% |
| Worker | 500 | 800 | 1,000 | 80% |
#### Resource Utilization
| Resource | Average | Peak | Threshold | Status |
|----------|---------|------|-----------|--------|
| CPU | 45% | 78% | 80% | ⚠️ |
| Memory | 62% | 85% | 85% | ⚠️ |
| Disk I/O | 30% | 55% | 70% | ✅ |
| Network | 25% | 40% | 60% | ✅ |
### Bottleneck Analysis
#### Identified Bottlenecks
1. **Database Queries** (High Impact)
- Location: `/api/search` endpoint
- Cause: Missing index on `created_at` column
- Impact: 890ms P95 latency
- Fix: Add composite index
2. **Memory Pressure** (Medium Impact)
- Location: Report generation service
- Cause: Large dataset loading into memory
- Impact: GC pauses, OOM risks
- Fix: Implement streaming/pagination
### Load Test Results
| Scenario | Users | Duration | Errors | Avg Response |
|----------|-------|----------|--------|--------------|
| Baseline | 100 | 10min | 0% | 120ms |
| Normal | 500 | 30min | 0.1% | 180ms |
| Peak | 1000 | 15min | 2.3% | 450ms |
| Stress | 2000 | 5min | 15% | 2.1s |
### Optimization Recommendations
#### Quick Wins (This Sprint)
1. Add database indexes - Expected: 40% improvement
2. Enable query caching - Expected: 25% improvement
3. Optimize N+1 queries - Expected: 30% improvement
#### Medium Term (Next Quarter)
1. Implement read replicas
2. Add CDN for static assets
3. Optimize serialization
#### Long Term (6+ Months)
1. Service decomposition
2. Event-driven architecture
3. Edge computing deployment
### Capacity Planning
| Timeframe | Expected Load | Current Capacity | Gap | Action |
|-----------|---------------|------------------|-----|--------|
| 3 months | +25% | 5,000 RPS | ✅ | Monitor |
| 6 months | +50% | 5,000 RPS | ⚠️ | Scale |
| 12 months | +100% | 5,000 RPS | ❌ | Redesign |
Architecture Review Template
## Architecture Review
**System**: [System name]
**Version**: [Current architecture version]
**Review Date**: [YYYY-MM-DD]
**Participants**: [Team members]
### Current Architecture
#### System Diagram
[Include architecture diagram or ASCII representation]
#### Components
| Component | Purpose | Technology | Owner |
|-----------|---------|------------|-------|
| API Gateway | Request routing | Kong | Platform |
| Auth Service | Authentication | Keycloak | Security |
| Core API | Business logic | Python/FastAPI | Backend |
| Database | Data persistence | PostgreSQL | Data |
#### Data Flow
1. User request → API Gateway
2. API Gateway → Auth validation
3. Auth → Core API
4. Core API → Database
5. Response → User
### Evaluation Criteria
#### Scalability
| Aspect | Current | Target | Gap | Score |
|--------|---------|--------|-----|-------|
| Horizontal scaling | Manual | Auto | Yes | 6/10 |
| Database scaling | Single | Sharded | Yes | 5/10 |
| Caching | Redis | Distributed | No | 8/10 |
#### Reliability
| Aspect | Current | Target | Gap | Score |
|--------|---------|--------|-----|-------|
| Availability | 99.5% | 99.9% | Yes | 7/10 |
| Disaster recovery | Manual | Auto | Yes | 5/10 |
| Data backup | Daily | Real-time | Yes | 6/10 |
#### Maintainability
| Aspect | Current | Target | Gap | Score |
|--------|---------|--------|-----|-------|
| Code modularity | Medium | High | Yes | 6/10 |
| Documentation | Partial | Complete | Yes | 5/10 |
| Test coverage | 70% | 85% | Yes | 7/10 |
### Technical Debt Assessment
| Item | Impact | Effort | Priority | Age |
|------|--------|--------|----------|-----|
| Legacy auth system | High | High | P1 | 2y |
| Monolithic API | Medium | High | P2 | 1.5y |
| Missing monitoring | Medium | Low | P1 | 1y |
### Recommendations
#### Immediate (0-3 months)
1. [Recommendation 1]
2. [Recommendation 2]
#### Short-term (3-6 months)
1. [Recommendation 1]
2. [Recommendation 2]
#### Long-term (6-12 months)
1. [Recommendation 1]
2. [Recommendation 2]
### Decision Log
| Decision | Rationale | Alternatives Considered | Date |
|----------|-----------|------------------------|------|
| [Decision 1] | [Why] | [Options] | [Date] |
Integration with Extended Thinking
For deep analysis tasks, use maximum thinking budget:
response = client.messages.create(
model="claude-opus-4-5-20250514",
max_tokens=32000,
thinking={
"type": "enabled",
"budget_tokens": 25000 # Maximum budget for deep analysis
},
system="""You are a senior technical analyst performing a
comprehensive review. Use structured analysis templates and
document all findings systematically.""",
messages=[{
"role": "user",
"content": "Perform a security threat model for..."
}]
)
Best Practices
- Use appropriate templates: Match template to analysis type
- Be systematic: Follow the template structure completely
- Quantify findings: Use metrics and severity ratings
- Prioritize actionable: Focus on findings that can be fixed
- Document evidence: Link to specific code/logs/data
- Track progress: Update findings as they're addressed
See Also
- [[extended-thinking]] - Enable deep reasoning capabilities
- [[complex-reasoning]] - Reasoning frameworks
- [[testing]] - Validation strategies
- [[debugging]] - Issue investigation
Recommended Agent Skills
Expand your agent's capabilities with these related and highly-rated skills.
nicepkg/auto-company
micro-saas-launcher
Expert in launching small, focused SaaS products fast - the indie hacker approach to building profitable software. Covers idea validation, MVP development, pricing, launch strategies, and growing to sustainable revenue. Ship in weeks, not months. Use when: micro saas, indie hacker, small saas, side project, saas mvp.
nicepkg/auto-company
seo-audit
When the user wants to audit, review, or diagnose SEO issues on their site. Also use when the user mentions "SEO audit," "technical SEO," "why am I not ranking," "SEO issues," "on-page SEO," "meta tags review," or "SEO health check." For building pages at scale to target keywords, see programmatic-seo. For adding structured data, see schema-markup.
nicepkg/auto-company
ux-audit-rethink
Comprehensive UX audit using IxDF's 7 factors, 5 usability characteristics, and 5 interaction dimensions. Holistic evaluation with redesign proposals based on user-centered design principles.
nicepkg/auto-company
startup-financial-modeling
This skill should be used when the user asks to "create financial projections", "build a financial model", "forecast revenue", "calculate burn rate", "estimate runway", "model cash flow", or requests 3-5 year financial planning for a startup.
nicepkg/auto-company
ph-community-outreach
Engage Reddit, Indie Hackers, Hacker News and other communities for Product Hunt launches. Use this skill to identify relevant communities, craft appropriate posts, and drive cross-platform engagement without appearing spammy.
nicepkg/auto-company
financial-unit-economics
Use when evaluating business model viability, analyzing profitability per customer/product/transaction, validating startup metrics (CAC, LTV, payback period), making pricing decisions, assessing scalability, comparing business models, or when user mentions unit economics, CAC/LTV ratio, contribution margin, customer profitability, break-even analysis, or needs to determine if a business can be profitable at scale.
Didn't find tool you were looking for?