Identifies technical, timeline, and dependency risks with mitigation strategies. Use when reviewing plans or implementations to catch potential issues early before they become problems.
Identifies technical, timeline, and dependency risks with mitigation strategies. Use when reviewing plans or implementations to catch potential issues early before they become problems.
/plugin marketplace add binee108/nine-step-workflow-plugin/plugin install nine-step-workflow@lilylab-marketplaceThis skill inherits all available tools. When active, it can use any tool Claude has access to.
Technical: Complex algorithms, new tech, performance Timeline: Unrealistic estimates, dependencies Dependency: External APIs, third-party libraries
Plan: "Implement real-time {{FEATURE}}"
⚠️ HIGH Risk: Performance
Problem: Real-time {{FEATURE}} with high throughput is complex
Impact: May not meet latency requirements
Mitigation:
1. Start simple (Phase 1)
2. Load test early (Phase 2)
3. Optimize based on results (Phase 3)
| Impact | Probability | Action |
|---|---|---|
| High | High | ⛔ Redesign |
| High | Medium | ⚠️ Strong mitigation |
| Medium | High | ⚠️ Mitigation needed |
| Low | Any | ℹ️ Accept |
Technical Risks:
⚠️ HIGH: Payment Gateway Integration
- Problem: Third-party API downtime affects checkout
- Impact: Lost revenue during outages
- Mitigation:
1. Implement circuit breaker pattern
2. Queue failed transactions for retry
3. Add fallback payment processor
⚠️ MEDIUM: Inventory Race Conditions
- Problem: Multiple users buying last item simultaneously
- Impact: Overselling inventory
- Mitigation:
1. Use database row locking
2. Implement optimistic locking with versioning
3. Add inventory reservation system
Timeline Risks:
⚠️ HIGH: Holiday Season Deadline
- Problem: Must launch before Black Friday (8 weeks)
- Impact: Miss peak revenue opportunity
- Mitigation:
1. Reduce MVP scope (defer wishlists, reviews)
2. Add 2-week buffer
3. Prepare rollback plan
Dependency Risks:
⚠️ MEDIUM: Shipping API Rate Limits
- Problem: {{SHIPPING_PROVIDER}} API limited to 100 req/min
- Impact: Cannot calculate shipping for high-traffic periods
- Mitigation:
1. Cache shipping rates for common routes
2. Batch requests where possible
3. Add secondary provider
Technical Risks:
⚠️ HIGH: Multi-Tenancy Data Isolation
- Problem: Complex query filtering for tenant separation
- Impact: Data leak between customers (catastrophic)
- Mitigation:
1. Implement tenant context middleware
2. Add automated tests for every query
3. Security review before launch
⚠️ MEDIUM: Database Migration on Large Dataset
- Problem: Schema change on 10M+ record table
- Impact: Downtime during migration
- Mitigation:
1. Test on production-size dataset
2. Use online migration strategy
3. Schedule during low-traffic window
Timeline Risks:
⚠️ MEDIUM: Team Availability
- Problem: 2 developers on vacation during Phase 3
- Impact: 1-week delay
- Mitigation:
1. Reschedule Phase 3 to after vacation
2. Cross-train team members
3. Complete critical knowledge transfer
Dependency Risks:
⚠️ HIGH: Email Service Provider
- Problem: Relying on single ESP for critical notifications
- Impact: Users miss password resets, billing alerts
- Mitigation:
1. Add fallback ESP ({{PROVIDER_2}})
2. Queue failed emails for retry
3. Monitor delivery rates
Technical Risks:
⚠️ HIGH: Data Pipeline Scalability
- Problem: Current design handles 100K records/day, expecting 10M
- Impact: Pipeline crashes under load
- Mitigation:
1. Add horizontal scaling (partition by date)
2. Load test at 20M records/day (2x expected)
3. Implement backpressure mechanisms
⚠️ MEDIUM: Data Quality Issues
- Problem: Source system sends malformed data periodically
- Impact: Pipeline failures, bad analytics
- Mitigation:
1. Add comprehensive validation layer
2. Quarantine invalid records
3. Alert on quality threshold violations
Timeline Risks:
⚠️ HIGH: Data Source API Changes
- Problem: Upstream team planning API redesign (unknown timeline)
- Impact: Integration breaks unexpectedly
- Mitigation:
1. Request advance notice from upstream team
2. Build adapter pattern for easy swapping
3. Add integration tests for early detection
Dependency Risks:
⚠️ MEDIUM: Cloud Storage Costs
- Problem: Storing 100TB+ data, costs uncertain
- Impact: Budget overrun
- Mitigation:
1. Implement data lifecycle policies (archive old data)
2. Use cost monitoring alerts
3. Evaluate compression options
Technical Risks:
⚠️ HIGH: Offline-First Sync Complexity
- Problem: Conflict resolution between offline changes and server
- Impact: Data loss or corruption
- Mitigation:
1. Use CRDT (Conflict-free Replicated Data Types)
2. Implement last-write-wins with timestamps
3. Extensive testing of conflict scenarios
⚠️ MEDIUM: App Store Review Delay
- Problem: Apple review takes 3-7 days, unpredictable
- Impact: Launch date uncertainty
- Mitigation:
1. Submit 1 week before target launch
2. Have TestFlight beta ready as backup
3. Prepare expedited review justification
Timeline Risks:
⚠️ HIGH: Multiple Platform Parity
- Problem: Must ship iOS, Android, Web simultaneously
- Impact: 3x development effort
- Mitigation:
1. Use React Native for code sharing
2. Accept platform-specific features in v2
3. Prioritize one platform for MVP
Dependency Risks:
⚠️ HIGH: Push Notification Service
- Problem: FCM/APNS outages prevent critical notifications
- Impact: Users miss time-sensitive alerts
- Mitigation:
1. Add in-app notification fallback
2. Implement retry logic
3. Monitor notification delivery rates
Technical Risks:
⚠️ HIGH: Device Firmware Updates
- Problem: Updating 10,000+ deployed devices remotely
- Impact: Bricking devices if update fails
- Mitigation:
1. Implement rollback mechanism
2. Phased rollout (1%, 10%, 100%)
3. Add device health monitoring
⚠️ MEDIUM: Network Reliability
- Problem: Devices on unstable cellular networks
- Impact: Frequent disconnections
- Mitigation:
1. Implement exponential backoff reconnection
2. Queue commands for offline devices
3. Add offline operation mode
Timeline Risks:
⚠️ HIGH: Hardware Delivery Delays
- Problem: Chip shortage affecting device production
- Impact: Cannot deploy devices for testing
- Mitigation:
1. Order dev kits 2 months in advance
2. Use device simulators for early development
3. Source alternative hardware vendors
Dependency Risks:
⚠️ MEDIUM: MQTT Broker Limits
- Problem: Current broker handles 1K devices, expecting 50K
- Impact: Connection drops under scale
- Mitigation:
1. Load test broker at 100K devices
2. Evaluate managed MQTT services ({{PROVIDER}})
3. Implement device connection pooling
## Risk Assessment for {{FEATURE_NAME}}
### Technical Risks
#### {{Risk Name}}
- **Severity:** HIGH | MEDIUM | LOW
- **Probability:** HIGH | MEDIUM | LOW
- **Problem:** {{Description of the risk}}
- **Impact:** {{What happens if this occurs}}
- **Mitigation:**
1. {{Primary mitigation strategy}}
2. {{Secondary mitigation strategy}}
3. {{Monitoring/early warning}}
### Timeline Risks
#### {{Risk Name}}
- **Severity:** HIGH | MEDIUM | LOW
- **Probability:** HIGH | MEDIUM | LOW
- **Problem:** {{Description}}
- **Impact:** {{Effect on schedule}}
- **Mitigation:**
1. {{Buffer time}}
2. {{Scope reduction}}
3. {{Resource allocation}}
### Dependency Risks
#### {{Risk Name}}
- **Severity:** HIGH | MEDIUM | LOW
- **Probability:** HIGH | MEDIUM | LOW
- **Problem:** {{External dependency issue}}
- **Impact:** {{How it blocks progress}}
- **Mitigation:**
1. {{Fallback option}}
2. {{Monitoring}}
3. {{Alternative provider}}
### Overall Risk Score
- **Total HIGH risks:** {{count}}
- **Total MEDIUM risks:** {{count}}
- **Recommendation:** [PROCEED | MITIGATE_FIRST | REDESIGN]
For detailed patterns, see reference.md For more examples, see examples.md
This skill should be used when the user asks to "create a slash command", "add a command", "write a custom command", "define command arguments", "use command frontmatter", "organize commands", "create command with file references", "interactive command", "use AskUserQuestion in command", or needs guidance on slash command structure, YAML frontmatter fields, dynamic arguments, bash execution in commands, user interaction patterns, or command development best practices for Claude Code.
This skill should be used when the user asks to "create an agent", "add an agent", "write a subagent", "agent frontmatter", "when to use description", "agent examples", "agent tools", "agent colors", "autonomous agent", or needs guidance on agent structure, system prompts, triggering conditions, or agent development best practices for Claude Code plugins.
This skill should be used when the user asks to "create a hook", "add a PreToolUse/PostToolUse/Stop hook", "validate tool use", "implement prompt-based hooks", "use ${CLAUDE_PLUGIN_ROOT}", "set up event-driven automation", "block dangerous commands", or mentions hook events (PreToolUse, PostToolUse, Stop, SubagentStop, SessionStart, SessionEnd, UserPromptSubmit, PreCompact, Notification). Provides comprehensive guidance for creating and implementing Claude Code plugin hooks with focus on advanced prompt-based hooks API.