Verify bidirectional traceability from requirements to code to tests.
Verifies bidirectional traceability between requirements, code, and tests. Triggers on commands like "check traceability" or "validate requirements coverage" to scan for requirement IDs, map artifacts, identify gaps, and generate coverage reports.
/plugin marketplace add jmagly/ai-writing-guide/plugin install sdlc@aiwgThis skill inherits all available tools. When active, it can use any tool Claude has access to.
Verify bidirectional traceability from requirements to code to tests.
This skill ensures complete traceability across the SDLC by:
When triggered, this skill:
Extracts requirement IDs:
.aiwg/requirements/ for IDs (UC-, REQ-, NFR-*)Scans code for references:
Scans tests for coverage:
Builds traceability matrix:
Identifies issues:
Generates report:
┌─────────────────┐ ┌─────────────────┐ ┌─────────────────┐
│ REQUIREMENTS │────▶│ CODE │────▶│ TESTS │
│ │ │ │ │ │
│ UC-001 │ │ auth.ts │ │ auth.test.ts │
│ UC-002 │ │ user.ts │ │ user.test.ts │
│ REQ-001 │ │ api/routes.ts │ │ api.test.ts │
│ NFR-001 │ │ perf/cache.ts │ │ perf.test.ts │
└─────────────────┘ └─────────────────┘ └─────────────────┘
│ │ │
│ │ │
└──────────────────────┴───────────────────────┘
TRACEABILITY MATRIX
| Type | Pattern | Example |
|---|---|---|
| Use Case | UC-NNN | UC-001, UC-042 |
| Requirement | REQ-NNN | REQ-001, REQ-123 |
| Non-Functional | NFR-NNN | NFR-001, NFR-015 |
| User Story | US-NNN | US-001, US-089 |
| Feature | FEAT-NNN | FEAT-001 |
// In code comments
// Implements: UC-001
// Related: REQ-003, REQ-004
// In JSDoc
/**
* @requirement UC-001
* @requirement REQ-003
*/
// In function names
function handleAuthUC001() {}
// In test descriptions
describe('UC-001: User Authentication', () => {
it('should validate credentials (REQ-001)', () => {});
});
| Requirement | Description | Code Files | Test Files | Status |
|-------------|-------------|------------|------------|--------|
| UC-001 | User login | auth.ts, session.ts | auth.test.ts | ✅ Covered |
| UC-002 | User logout | auth.ts | auth.test.ts | ✅ Covered |
| UC-003 | Password reset | - | - | ❌ Not Implemented |
| REQ-001 | Validate email | user.ts | user.test.ts | ✅ Covered |
| REQ-002 | Hash passwords | auth.ts | - | ⚠️ Untested |
| NFR-001 | < 200ms response | cache.ts | perf.test.ts | ✅ Covered |
## Coverage Summary
| Category | Total | Implemented | Tested | Coverage |
|----------|-------|-------------|--------|----------|
| Use Cases | 15 | 14 | 12 | 80% |
| Requirements | 42 | 40 | 35 | 83% |
| NFRs | 8 | 6 | 4 | 50% |
| **Total** | **65** | **60** | **51** | **78%** |
Requirements with no code implementation:
### Orphan Requirements (No Implementation)
| ID | Description | Priority | Action |
|----|-------------|----------|--------|
| UC-003 | Password reset | High | Implement in Sprint 5 |
| REQ-015 | Export to PDF | Medium | Backlogged |
| NFR-008 | 99.9% uptime | High | Infrastructure ticket |
Code without test coverage:
### Untested Code
| File | Functions | Linked Requirements | Action |
|------|-----------|---------------------|--------|
| utils/crypto.ts | hashPassword, verifyHash | REQ-002 | Add unit tests |
| api/export.ts | generateReport | REQ-010 | Add integration test |
Code with no requirement linkage:
### Code Without Requirements (Potential Rogue Features)
| File | Functions | Notes |
|------|-----------|-------|
| legacy/old-auth.ts | * | Deprecated, remove |
| experiments/feature-x.ts | * | Experimental, document or remove |
rules:
requirements_to_code:
required: true
min_coverage: 90%
exceptions:
- deferred features
- infrastructure requirements
code_to_tests:
required: true
min_coverage: 80%
exceptions:
- generated code
- type definitions
requirements_to_tests:
required: true
min_coverage: 80%
exceptions:
- manual test procedures
checks:
- name: no_orphan_requirements
description: All requirements must have implementation
severity: warning
- name: no_untested_requirements
description: All requirements must have tests
severity: warning
- name: no_rogue_code
description: All code must trace to requirements
severity: info
- name: coverage_threshold
description: Meet minimum coverage thresholds
severity: error
User: "Check traceability"
Skill scans:
1. Extract 65 requirements from .aiwg/requirements/
2. Scan src/ for requirement references
3. Scan test/ for requirement coverage
4. Build matrix
Output:
"Traceability Analysis Complete
Requirements: 65
Implemented: 60 (92%)
Tested: 51 (78%)
Gaps Found:
- 5 orphan requirements (no code)
- 9 untested requirements
- 3 code files with no requirement links
Report: .aiwg/reports/traceability-20251208.md"
User: "Trace UC-001"
Skill returns:
"UC-001: User Authentication
Implementation:
- src/auth/login.ts (lines 45-120)
- src/auth/session.ts (lines 10-50)
Tests:
- test/auth/login.test.ts (8 test cases)
- test/integration/auth.test.ts (3 scenarios)
Coverage: ✅ Fully traced"
User: "Find orphan requirements"
Skill returns:
"Orphan Requirements (No Implementation):
1. UC-003: Password reset flow
Priority: High
Sprint: Backlog
2. REQ-015: Export to PDF
Priority: Medium
Sprint: Backlog
3. NFR-008: 99.9% uptime SLA
Priority: High
Type: Infrastructure
Total: 3 orphan requirements"
# Traceability Analysis Report
**Date**: 2025-12-08
**Scope**: Full Project
**Tool**: traceability-check skill
## Executive Summary
| Metric | Value | Target | Status |
|--------|-------|--------|--------|
| Requirements Coverage | 92% | 90% | ✅ Pass |
| Test Coverage | 78% | 80% | ⚠️ Below Target |
| Orphan Requirements | 5 | 0 | ⚠️ Action Needed |
| Rogue Code Files | 3 | 0 | ℹ️ Review |
## Traceability Matrix
[Full matrix table...]
## Gap Analysis
### Critical Gaps
- NFR-001 (Performance) has no test coverage
- UC-012 (Payment) missing integration tests
### Action Items
1. Add performance tests for NFR-001
2. Implement UC-003 (Password reset)
3. Add tests for UC-012
## Recommendations
1. **Immediate**: Address critical test gaps
2. **Short-term**: Implement orphan requirements
3. **Process**: Add traceability to PR checklist
This skill uses:
artifact-metadata: Get requirement artifact infoproject-awareness: Find source and test directoriesConfigure scanning behavior in .aiwg/config/traceability.yaml:
traceability:
requirements_dir: .aiwg/requirements/
source_dirs:
- src/
- lib/
test_dirs:
- test/
- __tests__/
id_patterns:
- "UC-\\d{3}"
- "REQ-\\d{3}"
- "NFR-\\d{3}"
- "US-\\d{3}"
code_patterns:
- "// Implements: {id}"
- "// Related: {id}"
- "@requirement {id}"
- "\\b{id}\\b" # bare reference
test_patterns:
- "describe\\(['\"].*{id}.*['\"]"
- "it\\(['\"].*{id}.*['\"]"
- "@covers {id}"
exclusions:
- node_modules/
- dist/
- "*.generated.*"
.aiwg/reports/traceability-{date}.md.aiwg/reports/traceability-matrix.csv.aiwg/reports/coverage-gaps.mdThis skill should be used when the user asks to "create a slash command", "add a command", "write a custom command", "define command arguments", "use command frontmatter", "organize commands", "create command with file references", "interactive command", "use AskUserQuestion in command", or needs guidance on slash command structure, YAML frontmatter fields, dynamic arguments, bash execution in commands, user interaction patterns, or command development best practices for Claude Code.
This skill should be used when the user asks to "create an agent", "add an agent", "write a subagent", "agent frontmatter", "when to use description", "agent examples", "agent tools", "agent colors", "autonomous agent", or needs guidance on agent structure, system prompts, triggering conditions, or agent development best practices for Claude Code plugins.
This skill should be used when the user asks to "create a hook", "add a PreToolUse/PostToolUse/Stop hook", "validate tool use", "implement prompt-based hooks", "use ${CLAUDE_PLUGIN_ROOT}", "set up event-driven automation", "block dangerous commands", or mentions hook events (PreToolUse, PostToolUse, Stop, SubagentStop, SessionStart, SessionEnd, UserPromptSubmit, PreCompact, Notification). Provides comprehensive guidance for creating and implementing Claude Code plugin hooks with focus on advanced prompt-based hooks API.