Provides architecture rules for designing and auditing software systems: DDD, hexagonal/clean architecture, event-driven, CQRS, resilience, scalability, cloud-native patterns.
How this skill is triggered — by the user, by Claude, or both
Slash command
/sota-skills:sota-architectureThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
Dense, enforceable rules for software and system architecture: choosing styles,
rules/01-architecture-styles-and-decisions.mdrules/02-domain-modeling-and-boundaries.mdrules/03-distributed-systems-and-events.mdrules/04-resilience-and-failure-design.mdrules/05-scalability-state-and-data.mdrules/06-cloud-native-config-and-delivery.mdrules/07-anti-patterns-catalog.mdrules/08-nats-jetstream.mdDense, enforceable rules for software and system architecture: choosing styles,
drawing boundaries, surviving distributed systems, scaling state, and shipping
cloud-natively. One rule set, two modes — apply the rules while building,
or check code against them while auditing. All substance lives in rules/;
this file routes you to the right one.
docs/adr/.Scope first. Identify what you're auditing (whole system, one service, one PR) and read the matching rules files from the index. For a full architecture audit, work through all seven; for a PR, pick by topic.
Drive from the checklists. Every rules file ends with an "Audit checklist" of yes/no questions — answer each with evidence (file:line, config, trace), never from the README's claims. Use rules/07 detection signals as concrete grep/inspection targets.
Verify mechanically where possible: grep for client construction without
timeouts, imports crossing layers, queries missing tenant scoping, latest
image tags, dual-writes (DB write + publish in the same function without an
outbox), shared DB credentials.
Report every violation as a finding in this exact format:
[SEVERITY] file:line — Rule violated: <rules-file §section, short rule name>
Evidence: <what you observed>
Impact: <what fails and when>
Fix: <specific, smallest correct remediation>
Effort: trivial | small | medium | large
Severity conventions:
Summarize findings by severity with counts, then list the top 3 structural themes (not symptoms) and the order to fix them (Critical correctness → rollback/deploy safety → evolvability).
| File | Topics | Read this when... |
|---|---|---|
rules/01-architecture-styles-and-decisions.md | Modular monolith vs microservices vs serverless, extraction forces, ADRs, evolutionary architecture, fitness functions, Type 1/2 decisions, Conway's law, strangler fig, buy vs build | Starting a system, proposing/justifying a service split or merge, reviewing whether the architecture style fits, setting up ADRs or CI architecture gates |
rules/02-domain-modeling-and-boundaries.md | Bounded contexts, context maps, ubiquitous language, aggregates & invariants, hexagonal ports/adapters, clean-architecture dependency rule, ACLs, domain events, value objects, repositories, optimistic concurrency | Modeling a domain, defining module/service internals, reviewing layering and imports, fixing anemic models or god aggregates, wrapping vendors |
rules/03-distributed-systems-and-events.md | CAP/PACELC per-operation, idempotency mechanics, exactly-once myth, outbox/inbox, sagas (orchestration vs choreography), event vs command, CQRS/event-sourcing adoption bar, DLQs, ordering, backpressure, schema evolution, contract tests, IDs & time | Anything crosses a network or a queue: designing/reviewing messaging, workflows spanning services, consistency questions, retry/duplicate bugs, API/event versioning |
rules/04-resilience-and-failure-design.md | Timeouts & deadline budgets, retries with jitter & budgets, circuit breakers, bulkheads, graceful degradation, fail open/closed, load shedding, liveness vs readiness, chaos engineering, SLOs, safe rollback/restart, stampedes | Designing or reviewing any integration point, incident follow-ups, "is this service production-ready", overload or cascading-failure concerns |
rules/05-scalability-state-and-data.md | Stateless services, autoscaling signals, DB scaling order, replica staleness, caching tiers & invalidation, partitioning/sharding keys, data lifecycle/retention, multi-tenancy models & isolation, workload separation, async heavy work | Scaling questions, cache design/review, choosing shard or partition keys, building/auditing multi-tenant systems, read-after-write bugs |
rules/06-cloud-native-config-and-delivery.md | 12-factor updated 2026: immutable artifacts, config & secrets, GitOps, disposability, observability (logs/metrics/traces/SLOs), backing services & dev/prod parity, feature-flag discipline, progressive delivery, expand/contract migrations, runbooks, cost signals | Setting up a new service's operational skeleton, reviewing deployability/config/secrets/flags, CI/CD and migration-safety review |
rules/07-anti-patterns-catalog.md | Distributed monolith, shared database, god services, premature microservices, leaky abstractions, sync chain of doom, event spaghetti, cache-as-truth, shared common libs, resume-driven design — each with detection signals, fix, default severity | Every audit (use as the detection playbook); in BUILD mode as the "never do this" list; naming and severity-rating a smell you've spotted |
rules/08-nats-jetstream.md | NATS JetStream as primary bus (Go): core NATS vs JetStream, subject/stream design, stream limits & retention/discard, R3/mirrors/sources, publish dedup (Nats-Msg-Id + duplicate window), pull consumers (jetstream pkg), ack/nak/term, MaxAckPending/MaxDeliver, DLQ-via-advisory, KV & Object stores, accounts/domains/leafnodes | Designing, building, or auditing anything on NATS JetStream — streams, consumers, KV/Object stores, multi-tenant accounts; apply on top of rules/03 (general eventing) for JetStream-specific config and Go client mechanics |
Check these on every build and every audit, regardless of scope:
A violation of any of these is at minimum High severity; most are Critical on data-, money-, or security-touching paths.
npx claudepluginhub martinholovsky/sota-skills --plugin sota-skillsPrevents silent decimal mismatch bugs across EVM chains with runtime lookup, chain-aware caching, and safe normalization for bots, dashboards, and DeFi tools.