zhongwei/gh-lyndonkl-claude
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
master
gh-lyndonkl-claude/skills/layered-reasoning/resources/template.md
Zhongwei Li 41d9f6b189 Initial commit
2025-11-30 08:38:26 +08:00

312 lines
13 KiB
Markdown
Raw Permalink Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
# Layered Reasoning Templates
Quick-start templates for structuring multi-level reasoning, checking consistency across layers, and translating between abstraction levels.
---
## Template 1: 3-Layer Reasoning Document
**When to use**: Designing systems, planning strategy, explaining concepts at multiple depths
### Layered Reasoning Template
**Topic/System**: [Name of what you're analyzing]
**Purpose**: [Why this layering matters]
**Date**: [Date]
---
### Layer 1: Strategic (30,000 ft) — WHY
**Core Principles/Invariants**:
1. [Principle 1, e.g., "Customer privacy is non-negotiable"]
2. [Principle 2, e.g., "System must scale to 10× current load"]
3. [Principle 3, e.g., "Developer productivity is paramount"]
**Strategic Constraints**:
- [Constraint 1, e.g., "Must comply with GDPR"]
- [Constraint 2, e.g., "Cannot exceed $X budget"]
- [Constraint 3, e.g., "Launch within 6 months"]
**Assumptions**:
- [Assumption 1, e.g., "Market remains competitive"]
- [Assumption 2, e.g., "Cloud infrastructure available"]
**Success Criteria (Strategic)**:
- [Metric 1, e.g., "Market leader in trust ratings"]
- [Metric 2, e.g., "Support 100M users"]
---
### Layer 2: Tactical (3,000 ft) — WHAT
**Approaches/Architectures** (that satisfy strategic layer):
**Approach 1**: [Name, e.g., "Microservices Architecture"]
- **Satisfies**: [Which strategic principles, e.g., "Scales to 10×, enables team independence"]
- **Tactics**:
- [Tactic 1, e.g., "Service mesh for inter-service communication"]
- [Tactic 2, e.g., "Event-driven architecture for async operations"]
- [Tactic 3, e.g., "API gateway for external requests"]
- **Tradeoffs**: [What's sacrificed, e.g., "Increased operational complexity"]
**Approach 2**: [Name, e.g., "Zero-Trust Security Model"]
- **Satisfies**: [Which strategic principles, e.g., "Customer privacy, GDPR compliance"]
- **Tactics**:
- [Tactic 1, e.g., "End-to-end encryption for all data"]
- [Tactic 2, e.g., "Identity-based access control"]
- [Tactic 3, e.g., "Continuous verification, no implicit trust"]
- **Tradeoffs**: [What's sacrificed, e.g., "Slight performance overhead"]
**Success Criteria (Tactical)**:
- [Metric 1, e.g., "99.9% uptime"]
- [Metric 2, e.g., "API response time <100ms p95"]
---
### Layer 3: Operational (300 ft) — HOW
**Implementation Details** (that realize tactical layer):
**Implementation 1**: [Tactic being implemented, e.g., "Service Mesh"]
- **Technology**: [Specific tools, e.g., "Istio on Kubernetes"]
- **Procedures**:
- [Step 1, e.g., "Deploy sidecar proxies to each pod"]
- [Step 2, e.g., "Configure mutual TLS between services"]
- [Step 3, e.g., "Set up traffic routing rules"]
- **Timeline**: [When, e.g., "Sprint 1-2"]
- **Owner**: [Who, e.g., "Platform team"]
**Implementation 2**: [Tactic being implemented, e.g., "End-to-End Encryption"]
- **Technology**: [Specific tools, e.g., "AWS KMS for key management, AES-256 encryption"]
- **Procedures**:
- [Step 1, e.g., "Generate master key in KMS"]
- [Step 2, e.g., "Encrypt data at rest using KMS data keys"]
- [Step 3, e.g., "Use TLS 1.3 for data in transit"]
- **Timeline**: [When, e.g., "Sprint 3"]
- **Owner**: [Who, e.g., "Security team"]
**Success Criteria (Operational)**:
- [Metric 1, e.g., "100% services behind Istio"]
- [Metric 2, e.g., "All PHI encrypted, verified in audit"]
---
### Consistency Validation
**Upward Consistency** (Do operations implement tactics? Do tactics achieve strategy?):
- ☐ [Check 1]: Does Istio implementation enable microservices architecture? → [Yes/No + Evidence]
- ☐ [Check 2]: Does microservices architecture support 10× scale? → [Yes/No + Evidence]
- ☐ [Check 3]: Does encryption implementation satisfy privacy principle? → [Yes/No + Evidence]
**Downward Consistency** (Can strategy be executed with tactics? Can tactics be implemented?):
- ☐ [Check 1]: Can we achieve GDPR compliance with chosen tactics? → [Yes/No + Gaps]
- ☐ [Check 2]: Can we implement Istio within budget/timeline? → [Yes/No + Constraints]
**Lateral Consistency** (Do parallel choices contradict?):
- ☐ [Check 1]: Does encryption overhead conflict with <100ms latency goal? → [Yes/No + Mitigation]
- ☐ [Check 2]: Do microservices complexity conflict with 6-month timeline? → [Yes/No + Adjustment]
**Emergent Properties Observed**:
- [Emergence 1, e.g., "Microservices increased cross-team coordination overhead → slowed feature delivery"]
- [Implication, e.g., "Adjust strategy: 'Scale' includes team coordination, not just technical scale"]
---
### Change Propagation Plan
**If Strategic Layer Changes**:
- [Change scenario, e.g., "New regulation requires data residency"] →
- [Tactical impact, e.g., "Need multi-region deployment with geo-replication"] →
- [Operational impact, e.g., "Deploy regional clusters, implement data sovereignty"]
**If Operational Constraint Discovered**:
- [Constraint, e.g., "Istio adds 50ms latency, exceeds <100ms goal"] →
- [Tactical adjustment, e.g., "Switch to Linkerd (lighter sidecar) or optimize routes"] →
- [Strategic clarification, e.g., "Refine: <100ms for critical paths, <200ms for others"]
---
## Template 2: Cross-Layer Communication Plan
**When to use**: Presenting to stakeholders at different levels (board, management, engineers)
### Communication Template
**Core Message**: [Single sentence summarizing what you're communicating]
---
### For Executive Audience (30K ft - Strategic)
**Slide 1: WHY** (Problem/Opportunity)
- **Context**: [Strategic context, e.g., "Market shifting to privacy-first products"]
- **Impact**: [Business impact, e.g., "Losing 20% customers to competitors on trust"]
- **Outcome**: [Desired end state, e.g., "Become market leader in data privacy"]
**Slide 2: WHAT** (Approach)
- **Strategy**: [High-level approach, e.g., "Zero-trust architecture, end-to-end encryption, transparent security"]
- **Investment**: [Resources required, e.g., "$2M, 6 months, 10 engineers"]
- **Risk**: [Key risks, e.g., "Performance impact, timeline risk if encryption complex"]
**Slide 3: OUTCOMES** (Success Metrics)
- **Revenue impact**: [e.g., "$5M ARR from enterprise customers requiring compliance"]
- **Market position**: [e.g., "SOC 2 Type II + GDPR certified within 6 months"]
- **Risk mitigation**: [e.g., "Avoid $XM penalty for non-compliance"]
**Language**: Business outcomes, revenue, market share, strategic risk. Avoid technical details.
---
### For Management Audience (3K ft - Tactical)
**Roadmap Overview**:
- **Q1**: [Tactical milestone, e.g., "Implement encryption at rest + TLS 1.3"]
- **Q2**: [Tactical milestone, e.g., "Deploy zero-trust access controls + audit logging"]
- **Q3**: [Tactical milestone, e.g., "SOC 2 audit + penetration testing"]
**Team & Resources**:
- **Security Team** (5 engineers): Encryption, access control, audit systems
- **Platform Team** (3 engineers): Infrastructure, key management, monitoring
- **Product Team** (2 engineers): User-facing privacy controls
**Dependencies & Risks**:
- **Dependency 1**: [e.g., "Requires AWS KMS setup (1 week)"]
- **Risk 1**: [e.g., "Encryption may slow API response; plan optimization sprint"]
**Success Metrics**:
- [Metric 1, e.g., "100% data encrypted by end Q1"]
- [Metric 2, e.g., "Pass SOC 2 audit Q3"]
**Language**: Roadmaps, team velocity, dependencies, milestones. Some technical detail but focus on execution.
---
### For Engineering Audience (300 ft - Operational)
**Technical Design**:
- **Architecture**: [e.g., "Client → API Gateway (TLS 1.3) → Service Mesh (mTLS) → Encrypted DB"]
- **Components**:
- [Component 1, e.g., "AWS KMS for key management"]
- [Component 2, e.g., "AES-256-GCM for data at rest"]
- [Component 3, e.g., "Istio sidecar proxies for service-to-service encryption"]
**Implementation Steps**:
1. [Step 1, e.g., "Set up AWS KMS, create customer master key"]
2. [Step 2, e.g., "Implement encryption layer in data access library"]
3. [Step 3, e.g., "Deploy Istio with mTLS strict mode"]
4. [Step 4, e.g., "Migrate existing data: encrypt in background job"]
5. [Step 5, e.g., "Update monitoring: track encryption overhead"]
**Code Example** (if relevant):
```python
# Encrypt data before storing
def store_user_data(user_id, data):
encrypted_data = kms.encrypt(data, key_id='customer-master-key')
db.insert(user_id, encrypted_data)
```
**Testing Plan**:
- [Test 1, e.g., "Unit tests for encryption/decryption"]
- [Test 2, e.g., "Integration tests for end-to-end encrypted flow"]
- [Test 3, e.g., "Performance tests: measure latency impact"]
**Language**: Code, architecture diagrams, APIs, specific technologies, testing. Detailed and technical.
---
## Template 3: Consistency Check Matrix
**When to use**: Validating alignment across layers before finalizing decisions
### Consistency Check Template
**System/Decision**: [What you're validating]
---
| Layer Pair | Consistency Question | Status | Evidence/Gaps | Action Required |
|------------|----------------------|--------|---------------|-----------------|
| **Ops → Tactical** | Do operational procedures implement tactical approaches? | ☐ Pass ☐ Fail | [e.g., "Istio implements service mesh as planned"] | [e.g., "None" or "Fix X"] |
| **Tactical → Strategic** | Do tactical approaches achieve strategic principles? | ☐ Pass ☐ Fail | [e.g., "Zero-trust satisfies privacy principle"] | [e.g., "None" or "Adjust Y"] |
| **Strategic → Tactical** | Can strategic goals be achieved with chosen tactics? | ☐ Pass ☐ Fail | [e.g., "Tactics support GDPR compliance"] | [e.g., "None" or "Add Z tactic"] |
| **Tactical → Ops** | Can tactical approaches be implemented operationally? | ☐ Pass ☐ Fail | [e.g., "Team has Istio expertise"] | [e.g., "Hire or train"] |
| **Ops A ↔ Ops B** | Do parallel operational choices conflict? | ☐ Pass ☐ Fail | [e.g., "Encryption + caching compatible"] | [e.g., "Optimize cache encryption"] |
| **Tactical A ↔ Tactical B** | Do parallel tactical approaches contradict? | ☐ Pass ☐ Fail | [e.g., "Microservices + monorepo: no conflict"] | [e.g., "None" or "Choose one"] |
---
**Overall Consistency**: ☐ **Aligned** (all pass) ☐ **Minor Issues** (1-2 fails, fixable) ☐ **Major Issues** (3+ fails, rethink)
**Summary of Gaps**:
1. [Gap 1, e.g., "Encryption overhead conflicts with latency SLA → Need optimization"]
2. [Gap 2, e.g., "No plan for key rotation → Add operational procedure"]
**Remediation Plan**:
1. [Action 1, e.g., "Benchmark encryption overhead, optimize hot paths"]
2. [Action 2, e.g., "Define 90-day key rotation policy, automate in KMS"]
---
## Template 4: Layer Transition Analysis
**When to use**: When changing strategies, discovering operational constraints, or refactoring systems
### Transition Template
**Transition Type**: ☐ **Top-Down** (Strategy changed) ☐ **Bottom-Up** (Operational constraint discovered)
---
### If Top-Down (Strategy Change)
**Strategic Change**: [What changed at strategic layer, e.g., "New regulation requires data residency in EU"]
**Tactical Implications**:
- **Current Tactics**: [e.g., "Single US region deployment"]
- **Required Tactics**: [e.g., "Multi-region deployment with EU data sovereignty"]
- **New Tactics**: [e.g., "Deploy EU cluster, implement regional routing, data replication"]
**Operational Implications**:
- **Current Operations**: [e.g., "Single AWS us-east-1 region"]
- **Required Operations**: [e.g., "AWS eu-west-1 cluster, regional databases, GDPR-compliant data handling"]
- **Migration Plan**: [Timeline and steps, e.g., "Q1: Deploy EU infra, Q2: Migrate EU customers"]
**Cost/Impact**:
- **Resources**: [e.g., "$500K infrastructure, 3 engineers for 3 months"]
- **Risk**: [e.g., "Data sync latency, potential data loss during migration"]
---
### If Bottom-Up (Operational Constraint)
**Operational Constraint**: [What was discovered, e.g., "Istio sidecar adds 50ms latency, exceeds 100ms SLA"]
**Tactical Re-Evaluation**:
- **Current Tactic**: [e.g., "Istio service mesh for microservices"]
- **Options**:
1. **Option A**: [e.g., "Switch to Linkerd (lighter, ~10ms overhead)"]
2. **Option B**: [e.g., "Optimize Istio config, remove unnecessary features"]
3. **Option C**: [e.g., "Selective mesh: only for services needing mTLS"]
- **Recommendation**: [Which option and why]
**Strategic Clarification** (if needed):
- **Original Strategy**: [e.g., "<100ms latency for all APIs"]
- **Refined Strategy**: [e.g., "<100ms for critical paths (user-facing), <200ms for internal APIs"]
- **Rationale**: [e.g., "Security (mTLS) worth 50ms for internal, but optimize user-facing"]
**Decision**: ☐ **Keep Strategy, Adjust Tactics****Refine Strategy, Keep Tactics****Both Change**
---
## Quick Reference: When to Use Each Template
| Template | Use Case | Output |
|----------|----------|--------|
| **3-Layer Reasoning Document** | Designing systems, planning strategy | Structured doc with strategic/tactical/operational layers + consistency checks |
| **Cross-Layer Communication** | Presenting to different stakeholders | Tailored messaging for exec/management/engineers |
| **Consistency Check Matrix** | Validating alignment before finalizing | Gap analysis with remediation plan |
| **Layer Transition Analysis** | Strategy changes or operational constraints | Impact analysis + migration/adjustment plan |
Reference in New Issue View Git Blame Copy Permalink