zhongwei/gh-lyndonkl-claude
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
41d9f6b189cdfabecedd3689879f5daf6c39a153
gh-lyndonkl-claude/skills/layered-reasoning/resources/template.md
Zhongwei Li 41d9f6b189 Initial commit
2025-11-30 08:38:26 +08:00

13 KiB
Raw Blame History

Layered Reasoning Templates

Quick-start templates for structuring multi-level reasoning, checking consistency across layers, and translating between abstraction levels.

Template 1: 3-Layer Reasoning Document

When to use: Designing systems, planning strategy, explaining concepts at multiple depths

Layered Reasoning Template

Topic/System: [Name of what you're analyzing]

Purpose: [Why this layering matters]

Date: [Date]

Layer 1: Strategic (30,000 ft) — WHY

Core Principles/Invariants:

  1. [Principle 1, e.g., "Customer privacy is non-negotiable"]
  2. [Principle 2, e.g., "System must scale to 10× current load"]
  3. [Principle 3, e.g., "Developer productivity is paramount"]

Strategic Constraints:

  • [Constraint 1, e.g., "Must comply with GDPR"]
  • [Constraint 2, e.g., "Cannot exceed $X budget"]
  • [Constraint 3, e.g., "Launch within 6 months"]

Assumptions:

  • [Assumption 1, e.g., "Market remains competitive"]
  • [Assumption 2, e.g., "Cloud infrastructure available"]

Success Criteria (Strategic):

  • [Metric 1, e.g., "Market leader in trust ratings"]
  • [Metric 2, e.g., "Support 100M users"]

Layer 2: Tactical (3,000 ft) — WHAT

Approaches/Architectures (that satisfy strategic layer):

Approach 1: [Name, e.g., "Microservices Architecture"]

  • Satisfies: [Which strategic principles, e.g., "Scales to 10×, enables team independence"]
  • Tactics:
    • [Tactic 1, e.g., "Service mesh for inter-service communication"]
    • [Tactic 2, e.g., "Event-driven architecture for async operations"]
    • [Tactic 3, e.g., "API gateway for external requests"]
  • Tradeoffs: [What's sacrificed, e.g., "Increased operational complexity"]

Approach 2: [Name, e.g., "Zero-Trust Security Model"]

  • Satisfies: [Which strategic principles, e.g., "Customer privacy, GDPR compliance"]
  • Tactics:
    • [Tactic 1, e.g., "End-to-end encryption for all data"]
    • [Tactic 2, e.g., "Identity-based access control"]
    • [Tactic 3, e.g., "Continuous verification, no implicit trust"]
  • Tradeoffs: [What's sacrificed, e.g., "Slight performance overhead"]

Success Criteria (Tactical):

  • [Metric 1, e.g., "99.9% uptime"]
  • [Metric 2, e.g., "API response time <100ms p95"]

Layer 3: Operational (300 ft) — HOW

Implementation Details (that realize tactical layer):

Implementation 1: [Tactic being implemented, e.g., "Service Mesh"]

  • Technology: [Specific tools, e.g., "Istio on Kubernetes"]
  • Procedures:
    • [Step 1, e.g., "Deploy sidecar proxies to each pod"]
    • [Step 2, e.g., "Configure mutual TLS between services"]
    • [Step 3, e.g., "Set up traffic routing rules"]
  • Timeline: [When, e.g., "Sprint 1-2"]
  • Owner: [Who, e.g., "Platform team"]

Implementation 2: [Tactic being implemented, e.g., "End-to-End Encryption"]

  • Technology: [Specific tools, e.g., "AWS KMS for key management, AES-256 encryption"]
  • Procedures:
    • [Step 1, e.g., "Generate master key in KMS"]
    • [Step 2, e.g., "Encrypt data at rest using KMS data keys"]
    • [Step 3, e.g., "Use TLS 1.3 for data in transit"]
  • Timeline: [When, e.g., "Sprint 3"]
  • Owner: [Who, e.g., "Security team"]

Success Criteria (Operational):

  • [Metric 1, e.g., "100% services behind Istio"]
  • [Metric 2, e.g., "All PHI encrypted, verified in audit"]

Consistency Validation

Upward Consistency (Do operations implement tactics? Do tactics achieve strategy?):

  • ☐ [Check 1]: Does Istio implementation enable microservices architecture? → [Yes/No + Evidence]
  • ☐ [Check 2]: Does microservices architecture support 10× scale? → [Yes/No + Evidence]
  • ☐ [Check 3]: Does encryption implementation satisfy privacy principle? → [Yes/No + Evidence]

Downward Consistency (Can strategy be executed with tactics? Can tactics be implemented?):

  • ☐ [Check 1]: Can we achieve GDPR compliance with chosen tactics? → [Yes/No + Gaps]
  • ☐ [Check 2]: Can we implement Istio within budget/timeline? → [Yes/No + Constraints]

Lateral Consistency (Do parallel choices contradict?):

  • ☐ [Check 1]: Does encryption overhead conflict with <100ms latency goal? → [Yes/No + Mitigation]
  • ☐ [Check 2]: Do microservices complexity conflict with 6-month timeline? → [Yes/No + Adjustment]

Emergent Properties Observed:

  • [Emergence 1, e.g., "Microservices increased cross-team coordination overhead → slowed feature delivery"]
  • [Implication, e.g., "Adjust strategy: 'Scale' includes team coordination, not just technical scale"]

Change Propagation Plan

If Strategic Layer Changes:

  • [Change scenario, e.g., "New regulation requires data residency"] →
  • [Tactical impact, e.g., "Need multi-region deployment with geo-replication"] →
  • [Operational impact, e.g., "Deploy regional clusters, implement data sovereignty"]

If Operational Constraint Discovered:

  • [Constraint, e.g., "Istio adds 50ms latency, exceeds <100ms goal"] →
  • [Tactical adjustment, e.g., "Switch to Linkerd (lighter sidecar) or optimize routes"] →
  • [Strategic clarification, e.g., "Refine: <100ms for critical paths, <200ms for others"]

Template 2: Cross-Layer Communication Plan

When to use: Presenting to stakeholders at different levels (board, management, engineers)

Communication Template

Core Message: [Single sentence summarizing what you're communicating]

For Executive Audience (30K ft - Strategic)

Slide 1: WHY (Problem/Opportunity)

  • Context: [Strategic context, e.g., "Market shifting to privacy-first products"]
  • Impact: [Business impact, e.g., "Losing 20% customers to competitors on trust"]
  • Outcome: [Desired end state, e.g., "Become market leader in data privacy"]

Slide 2: WHAT (Approach)

  • Strategy: [High-level approach, e.g., "Zero-trust architecture, end-to-end encryption, transparent security"]
  • Investment: [Resources required, e.g., "$2M, 6 months, 10 engineers"]
  • Risk: [Key risks, e.g., "Performance impact, timeline risk if encryption complex"]

Slide 3: OUTCOMES (Success Metrics)

  • Revenue impact: [e.g., "$5M ARR from enterprise customers requiring compliance"]
  • Market position: [e.g., "SOC 2 Type II + GDPR certified within 6 months"]
  • Risk mitigation: [e.g., "Avoid $XM penalty for non-compliance"]

Language: Business outcomes, revenue, market share, strategic risk. Avoid technical details.

For Management Audience (3K ft - Tactical)

Roadmap Overview:

  • Q1: [Tactical milestone, e.g., "Implement encryption at rest + TLS 1.3"]
  • Q2: [Tactical milestone, e.g., "Deploy zero-trust access controls + audit logging"]
  • Q3: [Tactical milestone, e.g., "SOC 2 audit + penetration testing"]

Team & Resources:

  • Security Team (5 engineers): Encryption, access control, audit systems
  • Platform Team (3 engineers): Infrastructure, key management, monitoring
  • Product Team (2 engineers): User-facing privacy controls

Dependencies & Risks:

  • Dependency 1: [e.g., "Requires AWS KMS setup (1 week)"]
  • Risk 1: [e.g., "Encryption may slow API response; plan optimization sprint"]

Success Metrics:

  • [Metric 1, e.g., "100% data encrypted by end Q1"]
  • [Metric 2, e.g., "Pass SOC 2 audit Q3"]

Language: Roadmaps, team velocity, dependencies, milestones. Some technical detail but focus on execution.

For Engineering Audience (300 ft - Operational)

Technical Design:

  • Architecture: [e.g., "Client → API Gateway (TLS 1.3) → Service Mesh (mTLS) → Encrypted DB"]
  • Components:
    • [Component 1, e.g., "AWS KMS for key management"]
    • [Component 2, e.g., "AES-256-GCM for data at rest"]
    • [Component 3, e.g., "Istio sidecar proxies for service-to-service encryption"]

Implementation Steps:

  1. [Step 1, e.g., "Set up AWS KMS, create customer master key"]
  2. [Step 2, e.g., "Implement encryption layer in data access library"]
  3. [Step 3, e.g., "Deploy Istio with mTLS strict mode"]
  4. [Step 4, e.g., "Migrate existing data: encrypt in background job"]
  5. [Step 5, e.g., "Update monitoring: track encryption overhead"]

Code Example (if relevant):

# Encrypt data before storing
def store_user_data(user_id, data):
    encrypted_data = kms.encrypt(data, key_id='customer-master-key')
    db.insert(user_id, encrypted_data)

Testing Plan:

  • [Test 1, e.g., "Unit tests for encryption/decryption"]
  • [Test 2, e.g., "Integration tests for end-to-end encrypted flow"]
  • [Test 3, e.g., "Performance tests: measure latency impact"]

Language: Code, architecture diagrams, APIs, specific technologies, testing. Detailed and technical.

Template 3: Consistency Check Matrix

When to use: Validating alignment across layers before finalizing decisions

Consistency Check Template

System/Decision: [What you're validating]

Layer Pair Consistency Question Status Evidence/Gaps Action Required
Ops → Tactical Do operational procedures implement tactical approaches? ☐ Pass ☐ Fail [e.g., "Istio implements service mesh as planned"] [e.g., "None" or "Fix X"]
Tactical → Strategic Do tactical approaches achieve strategic principles? ☐ Pass ☐ Fail [e.g., "Zero-trust satisfies privacy principle"] [e.g., "None" or "Adjust Y"]
Strategic → Tactical Can strategic goals be achieved with chosen tactics? ☐ Pass ☐ Fail [e.g., "Tactics support GDPR compliance"] [e.g., "None" or "Add Z tactic"]
Tactical → Ops Can tactical approaches be implemented operationally? ☐ Pass ☐ Fail [e.g., "Team has Istio expertise"] [e.g., "Hire or train"]
Ops A ↔ Ops B Do parallel operational choices conflict? ☐ Pass ☐ Fail [e.g., "Encryption + caching compatible"] [e.g., "Optimize cache encryption"]
Tactical A ↔ Tactical B Do parallel tactical approaches contradict? ☐ Pass ☐ Fail [e.g., "Microservices + monorepo: no conflict"] [e.g., "None" or "Choose one"]

Overall Consistency: ☐ Aligned (all pass) ☐ Minor Issues (1-2 fails, fixable) ☐ Major Issues (3+ fails, rethink)

Summary of Gaps:

  1. [Gap 1, e.g., "Encryption overhead conflicts with latency SLA → Need optimization"]
  2. [Gap 2, e.g., "No plan for key rotation → Add operational procedure"]

Remediation Plan:

  1. [Action 1, e.g., "Benchmark encryption overhead, optimize hot paths"]
  2. [Action 2, e.g., "Define 90-day key rotation policy, automate in KMS"]

Template 4: Layer Transition Analysis

When to use: When changing strategies, discovering operational constraints, or refactoring systems

Transition Template

Transition Type: ☐ Top-Down (Strategy changed) ☐ Bottom-Up (Operational constraint discovered)

If Top-Down (Strategy Change)

Strategic Change: [What changed at strategic layer, e.g., "New regulation requires data residency in EU"]

Tactical Implications:

  • Current Tactics: [e.g., "Single US region deployment"]
  • Required Tactics: [e.g., "Multi-region deployment with EU data sovereignty"]
  • New Tactics: [e.g., "Deploy EU cluster, implement regional routing, data replication"]

Operational Implications:

  • Current Operations: [e.g., "Single AWS us-east-1 region"]
  • Required Operations: [e.g., "AWS eu-west-1 cluster, regional databases, GDPR-compliant data handling"]
  • Migration Plan: [Timeline and steps, e.g., "Q1: Deploy EU infra, Q2: Migrate EU customers"]

Cost/Impact:

  • Resources: [e.g., "$500K infrastructure, 3 engineers for 3 months"]
  • Risk: [e.g., "Data sync latency, potential data loss during migration"]

If Bottom-Up (Operational Constraint)

Operational Constraint: [What was discovered, e.g., "Istio sidecar adds 50ms latency, exceeds 100ms SLA"]

Tactical Re-Evaluation:

  • Current Tactic: [e.g., "Istio service mesh for microservices"]
  • Options:
    1. Option A: [e.g., "Switch to Linkerd (lighter, ~10ms overhead)"]
    2. Option B: [e.g., "Optimize Istio config, remove unnecessary features"]
    3. Option C: [e.g., "Selective mesh: only for services needing mTLS"]
  • Recommendation: [Which option and why]

Strategic Clarification (if needed):

  • Original Strategy: [e.g., "<100ms latency for all APIs"]
  • Refined Strategy: [e.g., "<100ms for critical paths (user-facing), <200ms for internal APIs"]
  • Rationale: [e.g., "Security (mTLS) worth 50ms for internal, but optimize user-facing"]

Decision: ☐ Keep Strategy, Adjust TacticsRefine Strategy, Keep TacticsBoth Change

Quick Reference: When to Use Each Template

Template Use Case Output
3-Layer Reasoning Document Designing systems, planning strategy Structured doc with strategic/tactical/operational layers + consistency checks
Cross-Layer Communication Presenting to different stakeholders Tailored messaging for exec/management/engineers
Consistency Check Matrix Validating alignment before finalizing Gap analysis with remediation plan
Layer Transition Analysis Strategy changes or operational constraints Impact analysis + migration/adjustment plan
Reference in New Issue View Git Blame Copy Permalink