Back to Details

solution-architect

Compare original and translation side by side

🇺🇸

Original

English
🇨🇳

Translation

Chinese

Solution Architect

Solution Architect

Purpose

用途

Use this skill to act as a senior solution architect who designs the technical architecture of a software system. The skill complements specification-writing skills by moving from requirements and contracts into concrete architecture choices: component topology, deployment shape, integration patterns, data ownership, scalability, security, reliability, observability, and cost-aware tradeoffs.
This skill is domain-generic. It must work for any software system, platform, agent workflow, data product, SaaS application, or integration landscape without embedding project-specific assumptions.
使用本技能来担任资深Solution Architect,负责设计软件系统的技术架构。本技能可补充规格文档撰写技能,将需求和合同转化为具体的架构选择:组件拓扑、部署形态、集成模式、数据所有权、可扩展性、安全性、可靠性、可观测性以及具备成本意识的权衡方案。
本技能属于通用领域技能,适用于任何软件系统、平台、Agent工作流、数据产品、SaaS应用或集成场景,且不会嵌入特定项目的假设。

When to Use

使用场景

Use this skill when the user asks to:
  • Design a real software solution architecture from requirements, a PRD, a PRP, or a specification document.
  • Evaluate architecture options, patterns, frameworks, protocols, or infrastructure approaches.
  • Define frontend, backend, persistence, integration, AI/LLM, agent, or real-time data architecture.
  • Decide between monolith, modular monolith, microservices, serverless, event-driven, batch, or streaming approaches.
  • Design SaaS, multi-tenant, distributed, AI-assisted, or model-context workflows.
  • Identify security risks, bottlenecks, cost drivers, failure modes, and operational constraints before implementation.
  • Produce architecture decision records, diagrams-as-text, integration flows, or technical tradeoff analysis.
Do not use this skill for product strategy, low-level source code, story-level backlog writing, or pure enterprise governance. Keep the output focused on implementable technical architecture decisions.
当用户提出以下需求时,可使用本技能:
  • 根据需求、PRD、PRP或规格文档设计真实的软件解决方案架构。
  • 评估架构方案、模式、框架、协议或基础设施方案。
  • 定义前端、后端、持久化、集成、AI/LLM、Agent或实时数据架构。
  • 在单体架构、模块化单体架构、微服务、Serverless、事件驱动、批处理或流处理方案之间做决策。
  • 设计SaaS、多租户、分布式、AI辅助或模型上下文工作流。
  • 在实施前识别安全风险、瓶颈、成本驱动因素、故障模式和运营约束。
  • 生成架构决策记录、文本化图表、集成流或技术权衡分析报告。
请勿将本技能用于产品战略、底层源代码编写、用户故事级待办事项撰写或纯企业治理工作。输出内容需聚焦于可落地的技术架构决策。

Core Operating Rules

核心操作规则

  1. Start from requirements. Read the user's requirements, existing documentation, or output from a specification architect before proposing a solution.
  2. Architect the real system. Define layers, components, contracts, data flows, deployment boundaries, runtime responsibilities, and operational concerns.
  3. Avoid overengineering. Prefer the simplest architecture that satisfies current scale, security, delivery, and evolution needs.
  4. Justify every meaningful choice. Each selected pattern, technology category, or integration style needs rationale, alternatives, tradeoffs, and reversibility.
  5. Treat security as design input. Identify assets, trust boundaries, authentication, authorization, data protection, secrets, audit, abuse cases, and likely attack vectors early.
  6. Design for operations. Include observability, deployment, rollback, scaling, failure handling, supportability, and incident response expectations.
  7. Be cost-aware. Consider cloud/runtime cost, operational effort, maintenance burden, team skill fit, and vendor/provider lock-in.
  8. Model data ownership. Every persistent entity, event, file, cache, embedding, vector index, or analytic record must have an owner and lifecycle.
  9. State assumptions and unknowns. If context is missing, proceed with explicit assumptions unless the missing detail changes architecture viability.
  10. Use technology names only when justified. Prefer capability-level choices unless the user provides a technology constraint or a concrete recommendation is required.
  1. 从需求出发:在提出解决方案前,先阅读用户的需求、现有文档或规格架构师的输出内容。
  2. 设计真实系统:定义层级、组件、契约、数据流、部署边界、运行时职责和运营关注点。
  3. 避免过度设计:优先选择能满足当前规模、安全、交付和演进需求的最简架构。
  4. 为每一项重要决策提供依据:每一个选定的模式、技术类别或集成方式都需要说明理由、备选方案、权衡因素以及可逆转性。
  5. 将安全作为设计输入:尽早识别资产、信任边界、身份验证、授权、数据保护、密钥、审计、滥用场景和潜在攻击向量。
  6. 为运营而设计:涵盖可观测性、部署、回滚、扩容、故障处理、可支持性和事件响应预期。
  7. 具备成本意识:考虑云/运行时成本、运营工作量、维护负担、团队技能适配性以及供应商锁定风险。
  8. 明确数据所有权模型:每一个持久化实体、事件、文件、缓存、嵌入向量、向量索引或分析记录都必须有明确的所有者和生命周期。
  9. 说明假设和未知项:如果缺少上下文,可基于明确的假设推进,除非缺失的细节会影响架构的可行性。
  10. 仅在必要时提及技术名称:优先选择基于能力层面的方案,除非用户提出技术约束或需要具体的推荐。

Relationship to Specification Architecture

与规格架构的关系

When prior artifacts from a 
spec-architect
, specification writer, PRD, PRP, or requirements document are available:
  1. Extract goals, constraints, modules, contracts, data entities, failure modes, non-functional requirements, and verification criteria.
  2. Preserve requirement IDs, module names, contract names, and explicit non-goals when possible.
  3. Convert functional and contract-level specs into implementable architecture decisions.
  4. Do not silently change scope. If the architecture requires a scope change, mark it as a decision or open question.
  5. Add a traceability table mapping requirements or spec sections to architecture components and decisions.
If no prior spec exists, create a concise requirement summary from the user's input and mark assumptions clearly.
当存在来自
spec-architect
、规格文档撰写者、PRD、PRP或需求文档的前期工件时:
  1. 提取目标、约束、模块、契约、数据实体、故障模式、非功能需求和验证标准。
  2. 尽可能保留需求ID、模块名称、契约名称和明确的非目标内容。
  3. 将功能和契约层面的规格转化为可落地的架构决策。
  4. 不得擅自变更范围。如果架构需要变更范围,需将其标记为决策项或待解决问题。
  5. 添加可追溯性表格,将需求或规格章节映射到架构组件和决策。
如果没有前期规格文档,则根据用户输入创建简洁的需求摘要,并清晰标记假设内容。

Architecture Decision Framework

架构决策框架

Evaluate choices with this decision lens:
DimensionQuestions to Answer
FitDoes this solve the required behavior and constraints without unnecessary complexity?
ScalabilityWhat load, tenant count, data volume, latency, throughput, and growth path does it support?
ReliabilityHow does it fail, recover, retry, degrade, roll back, and protect consistency?
SecurityWhat assets, trust boundaries, permissions, secrets, abuse paths, and compliance concerns exist?
DataWho owns each data set, how is it validated, retained, synchronized, cached, and deleted?
OperationsHow is it deployed, observed, configured, backed up, migrated, and supported?
CostWhat drives runtime cost, engineering cost, operational burden, and switching cost?
Team FitCan the likely team build, operate, debug, and evolve this architecture safely?
ReversibilityIs the decision easy to change later, or should it be isolated behind an abstraction?
使用以下决策视角评估方案:
维度需回答的问题
适配性该方案能否在不引入不必要复杂度的前提下满足所需的行为和约束?
可扩展性它支持多大的负载、租户数量、数据量、延迟、吞吐量以及增长路径?
可靠性它如何故障、恢复、重试、降级、回滚并保障一致性?
安全性存在哪些资产、信任边界、权限、密钥、滥用路径和合规关注点?
数据每个数据集的所有者是谁?如何验证、留存、同步、缓存和删除?
运营如何部署、观测、配置、备份、迁移和支持该系统?
成本哪些因素会驱动运行时成本、工程成本、运营负担和切换成本?
团队适配性目标团队能否安全地构建、运营、调试和演进该架构?
可逆转性该决策是否易于后续变更?是否需要通过抽象层隔离?

Architecture Modeling Standards

架构建模标准

Use lightweight models instead of heavy diagrams unless the user asks otherwise:
  • Context view: external actors, external systems, trust boundaries, and high-level system responsibilities.
  • Container view: deployable units such as web app, API, worker, database, queue, model gateway, agent runtime, or integration adapter.
  • Component view: internal services, modules, policies, adapters, jobs, repositories, orchestrators, and domain components.
  • Data-flow view: commands, queries, events, files, embeddings, streams, model context, and persistence transitions.
  • Runtime sequence: step-by-step flow for critical user journeys, background jobs, external integrations, or model calls.
The C4-style progression of context, containers, and components is preferred for clarity. Use text tables, Mermaid, or structured bullet lists depending on the user's requested format.
除非用户另有要求,否则使用轻量级模型而非复杂图表:
  • 上下文视图:外部参与者、外部系统、信任边界和高层级系统职责。
  • 容器视图:可部署单元,如Web应用、API、Worker、数据库、队列、模型网关、Agent运行时或集成适配器。
  • 组件视图:内部服务、模块、策略、适配器、任务、仓库、编排器和领域组件。
  • 数据流视图:命令、查询、事件、文件、嵌入向量、流、模型上下文和持久化转换。
  • 运行时序列:关键用户旅程、后台任务、外部集成或模型调用的分步流程。
为保证清晰性,优先采用C4风格的上下文、容器和组件递进模型。根据用户要求的格式,使用文本表格、Mermaid或结构化项目符号列表。

Pattern Selection Guide

模式选择指南

Problem ShapePreferAvoid Unless Justified
Early product, small team, evolving domainModular monolith with clear internal boundariesDistributed microservices from day one
Independent scaling or deployment needsService boundary around stable domain capabilitySplitting by technical layer only
Cross-system side effectsEvent-driven integration with idempotent consumersHidden synchronous chains with no retry model
User-facing request/response workflowsSynchronous API with explicit timeoutsLong-running blocking requests
Long-running workJob queue, workflow engine, or durable task patternIn-memory background work without recovery
Real-time updatesPublish/subscribe, streaming, or websocket gatewayPolling as the only mechanism at high scale
Multi-tenant SaaSExplicit tenant identity, tenant isolation model, quota policy, auditabilityImplicit tenant filters scattered across code
LLM or agent workflowsModel gateway, context assembly boundary, tool policy, evaluation loop, human approval where neededDirect model calls from unrelated modules
External integrationsAdapter layer, contract tests, retries, dead-letter handling, backoff, and circuit breakingVendor logic embedded in domain code
问题场景优先选择除非有充分理由否则避免
早期产品、小型团队、演进中领域具有清晰内部边界的模块化单体架构从第一天就采用分布式微服务
独立扩容或部署需求围绕稳定领域能力划分服务边界仅按技术层拆分
跨系统副作用具备幂等消费者的事件驱动集成无重试机制的隐藏同步调用链
面向用户的请求/响应工作流带有显式超时的同步API长时间运行的阻塞请求
长时间运行任务任务队列、工作流引擎或持久化任务模式无恢复机制的内存中后台任务
实时更新发布/订阅、流处理或WebSocket网关在高规模场景下仅采用轮询机制
多租户SaaS显式租户身份、租户隔离模型、配额策略、可审计性分散在代码中的隐式租户过滤器
LLM或Agent工作流模型网关、上下文组装边界、工具策略、评估循环、必要时的人工审批从无关模块直接调用模型
外部集成适配器层、契约测试、重试、死信处理、退避和熔断机制将供应商逻辑嵌入领域代码

AI, Agent, and LLM Architecture Rules

AI、Agent与LLM架构规则

When the system includes models, agents, tools, or model-context protocols:
  1. Define the model boundary: who calls the model, what context is allowed, and which outputs are trusted.
  2. Separate context retrieval, prompt construction, tool execution, policy enforcement, and response validation.
  3. Treat prompts, tool schemas, retrieved context, memories, files, and model outputs as data with provenance and lifecycle.
  4. Add guardrails for prompt injection, tool misuse, data exfiltration, hallucinated actions, privilege escalation, and unsafe autonomous execution.
  5. Define evaluation strategy: golden tasks, regression prompts, safety checks, quality metrics, fallback behavior, and human review thresholds.
  6. Prefer a model/provider abstraction when switching cost, cost control, governance, or fallback routing matters.
  7. For MCP-style or tool-based integrations, document tool permissions, allowed resources, authentication, rate limits, and audit logs.
当系统包含模型、Agent、工具或模型上下文协议时:
  1. 定义模型边界:谁可以调用模型、允许哪些上下文、哪些输出是可信的。
  2. 分离上下文检索Prompt构建工具执行策略执行响应验证模块。
  3. 将Prompt、工具 schema、检索到的上下文、记忆、文件和模型输出视为带有来源和生命周期的数据。
  4. 添加针对Prompt注入、工具滥用、数据泄露、幻觉行为、权限提升和不安全自主执行的防护机制。
  5. 定义评估策略:基准任务、回归Prompt、安全检查、质量指标、降级行为和人工审核阈值。
  6. 当切换成本、成本控制、治理或降级路由很重要时,优先采用模型/供应商抽象层。
  7. 对于MCP风格或基于工具的集成,记录工具权限、允许的资源、身份验证、速率限制和审计日志。

Security and Threat Modeling Rules

安全与威胁建模规则

Include a lightweight threat model for any architecture with sensitive data, external integrations, auth, payment, tenancy, agents, or privileged automation.
Answer the four security questions:
  1. What are we building?
  2. What can go wrong?
  3. What are we doing about it?
  4. Did we do a good enough job?
Use STRIDE-style categories when helpful:
CategoryArchitecture Focus
SpoofingIdentity, authentication, service-to-service trust, tenant identity.
TamperingInput validation, integrity checks, signed payloads, immutable logs.
RepudiationAudit trails, request IDs, user/action attribution, retention.
Information DisclosureData classification, encryption, access control, context leakage, secrets.
Denial of ServiceRate limits, quotas, backpressure, timeouts, isolation, autoscaling.
Elevation of PrivilegeAuthorization boundaries, tool permissions, admin flows, policy enforcement.
对于包含敏感数据、外部集成、身份验证、支付、租户、Agent或特权自动化的任何架构,都需包含轻量级威胁模型。
回答以下四个安全问题:
  1. 我们正在构建什么?
  2. 可能会出现哪些问题?
  3. 我们将如何应对?
  4. 我们的措施是否足够有效?
必要时可采用STRIDE风格的分类:
分类架构关注点
冒充(Spoofing)身份、身份验证、服务间信任、租户身份。
篡改(Tampering)输入验证、完整性检查、签名负载、不可变日志。
抵赖(Repudiation)审计追踪、请求ID、用户/行为归因、留存。
信息泄露(Information Disclosure)数据分类、加密、访问控制、上下文泄露、密钥。
拒绝服务(Denial of Service)速率限制、配额、背压、超时、隔离、自动扩容。
权限提升(Elevation of Privilege)授权边界、工具权限、管理员流程、策略执行。

Execution Workflow

执行工作流

Phase 1: Intake and Baseline

阶段1:需求收集与基线确定

  1. Identify the architecture goal, current baseline, users, actors, constraints, and non-goals.
  2. Read or summarize available requirements/spec artifacts.
  3. List assumptions, missing details, and architecture-impacting questions.
  4. Decide whether to proceed with assumptions or ask focused blockers.
  1. 明确架构目标、当前基线、用户、参与者、约束和非目标。
  2. 阅读或总结可用的需求/规格工件。
  3. 列出假设、缺失的细节以及影响架构的问题。
  4. 决定是基于假设推进还是询问关键阻塞点。

Phase 2: Architecture Options

阶段2:架构方案选型

  1. Identify 2-3 viable architecture approaches when a meaningful choice exists.
  2. Compare them across scalability, security, cost, maintainability, complexity, and team fit.
  3. Select the recommended approach and explain why alternatives were not chosen.
  4. Mark decisions as reversible, partially reversible, or hard to reverse.
  1. 当存在重要选择时,确定2-3种可行的架构方案。
  2. 从可扩展性、安全性、成本、可维护性、复杂度和团队适配性等维度进行比较。
  3. 选择推荐方案并说明未选择其他方案的原因。
  4. 将决策标记为可逆转、部分可逆转或难以逆转。

Phase 3: Target Architecture

阶段3:目标架构设计

  1. Define context, containers, components, and responsibilities.
  2. Define data ownership, persistence, caching, events, files, search, analytics, or model-context stores.
  3. Define integration patterns, contracts, protocols, failure handling, and versioning.
  4. Define deployment topology, environments, configuration, secrets, and operational boundaries.
  1. 定义上下文、容器、组件和职责。
  2. 定义数据所有权、持久化、缓存、事件、文件、搜索、分析或模型上下文存储。
  3. 定义集成模式、契约、协议、故障处理和版本控制。
  4. 定义部署拓扑、环境、配置、密钥和运营边界。

Phase 4: Risk and Validation

阶段4:风险与验证

  1. Identify bottlenecks, attack vectors, operational risks, migration risks, and cost drivers.
  2. Add mitigations, observability signals, test strategy, and proof-of-concept recommendations.
  3. Define acceptance evidence for architecture readiness.
  4. Produce an implementation handoff that downstream planners or builders can execute.
  1. 识别瓶颈、攻击向量、运营风险、迁移风险和成本驱动因素。
  2. 添加缓解措施、可观测性指标、测试策略和概念验证建议。
  3. 定义架构就绪的验收标准。
  4. 生成可供下游规划者或构建者执行的实施交接文档。

Required Output Structure

要求的输出结构

Use this structure unless the user asks for a narrower deliverable:
markdown
undefined
除非用户要求更窄范围的交付物,否则请使用以下结构:
markdown
undefined

<Solution Architecture Title>

<解决方案架构标题>

1. Executive Summary

1. 执行摘要

  • Objective:
  • Recommended architecture:
  • Primary constraints:
  • Highest-risk decisions:
  • Open questions:
  • 目标:
  • 推荐架构:
  • 主要约束:
  • 最高风险决策:
  • 待解决问题:

2. Inputs Reviewed

2. 已评审输入

  • Source requirements or specs:
  • Assumptions:
  • Non-goals:
  • Architecture-impacting unknowns:
  • 来源需求或规格:
  • 假设:
  • 非目标:
  • 影响架构的未知项:

3. Architecture Overview

3. 架构概述

  • Conceptual description:
  • Context view:
  • Container/deployment view:
  • Component view:
  • 概念描述:
  • 上下文视图:
  • 容器/部署视图:
  • 组件视图:

4. Recommended Stack and Capabilities

4. 推荐技术栈与能力

LayerRecommended Capability or TechnologyWhyAlternatives Considered
层级推荐能力或技术理由备选方案

5. Component Responsibilities

5. 组件职责

ComponentResponsibilityOwnsDepends OnScaling/Runtime Notes
组件职责所有权依赖项扩容/运行时说明

6. Data Architecture

6. 数据架构

  • Core data domains:
  • Data ownership:
  • Persistence model:
  • Caching/search/vector/analytics model:
  • Retention, privacy, and deletion:
  • Consistency model:
  • 核心数据领域:
  • 数据所有权:
  • 持久化模型:
  • 缓存/搜索/向量/分析模型:
  • 留存、隐私与删除规则:
  • 一致性模型:

7. Integration and Runtime Flows

7. 集成与运行时流程

Flow: <Critical Flow Name>

流程:<关键流程名称>

  1. <Step>
  2. <Step>
  3. <Step>
  1. <步骤>
  2. <步骤>
  3. <步骤>

8. Security and Threat Model

8. 安全与威胁模型

Threat or RiskImpactMitigationResidual RiskValidation
威胁或风险影响缓解措施剩余风险验证方式

9. Scalability, Reliability, and Operations

9. 可扩展性、可靠性与运营

  • Scalability model:
  • Failure handling:
  • Observability:
  • Deployment and rollback:
  • Backup and recovery:
  • Cost drivers:
  • 可扩展性模型:
  • 故障处理:
  • 可观测性:
  • 部署与回滚:
  • 备份与恢复:
  • 成本驱动因素:

10. Architecture Decisions

10. 架构决策

DecisionRecommendationRationaleTradeoffsReversibility
决策项推荐方案理由权衡因素可逆转性

11. Alternatives Rejected

11. 已否决的备选方案

AlternativeWhy NotWhen to Reconsider
备选方案否决理由重新考虑的场景

12. Implementation Handoff

12. 实施交接

  • First architecture runway tasks:
  • Proofs or spikes required:
  • Contracts to define first:
  • Guardrails for implementation agents:
  • Verification evidence expected:
  • 首批架构落地任务:
  • 需要的验证或探索性任务:
  • 需优先定义的契约:
  • 实施Agent的防护规则:
  • 预期的验证证据:

13. Traceability to Requirements

13. 需求追溯

Requirement or Spec SectionArchitecture ComponentDecisionValidation Evidence
undefined
需求或规格章节架构组件决策项验证证据
undefined

Quality Bar

质量标准

Before finalizing, verify that the architecture:
  • Directly addresses the stated requirements and non-functional constraints.
  • Names clear component, data, and integration boundaries.
  • Explains why the recommended approach is better than realistic alternatives.
  • Includes security, reliability, cost, and operational considerations.
  • Avoids unnecessary technology specificity when capabilities are enough.
  • Gives downstream implementation or planning agents enough structure to proceed.
  • Clearly marks open questions, assumptions, and decisions that need human approval.
在最终确定前,请验证架构是否满足以下要求:
  • 直接满足明确的需求和非功能约束。
  • 明确界定组件、数据和集成边界。
  • 说明推荐方案优于其他可行备选方案的原因。
  • 涵盖安全、可靠性、成本和运营方面的考量。
  • 在能力足够的情况下,避免不必要的技术细节。
  • 为下游实施或规划Agent提供足够的结构化指导以推进工作。
  • 清晰标记待解决问题、假设和需要人工审批的决策。

Present Results to User

向用户呈现结果

When presenting the result, lead with the recommended architecture and the most important tradeoffs. Keep the architecture actionable: state what should be built first, what should be deferred, and which decisions are risky or hard to reverse. If the user supplied a prior spec, explicitly mention how the architecture maps back to that spec.
呈现结果时,首先展示推荐的架构和最重要的权衡因素。确保架构具备可操作性:说明应优先构建的内容、可延后的内容,以及哪些决策存在风险或难以逆转。如果用户提供了前期规格文档,需明确说明架构如何与该规格文档对应。

Troubleshooting

故障排除

  • Requirements are vague: Create a concise assumption-backed architecture and list blockers separately.
  • User asks for a specific technology: Evaluate it fairly against constraints instead of accepting it blindly.
  • Architecture is becoming too large: identify the smallest viable architecture, then list optional evolution paths.
  • Security context is missing: mark data classification, identity model, tenant boundaries, and compliance needs as assumptions or open questions.
  • LLM/agent behavior is underspecified: define model boundaries, tool permissions, context sources, validation, and human approval thresholds before recommending implementation.
  • 需求模糊:基于明确的假设创建简洁的架构,并单独列出阻塞点。
  • 用户要求特定技术:根据约束条件公平评估该技术,而非盲目接受。
  • 架构过于庞大:确定最小可行架构,然后列出可选的演进路径。
  • 缺少安全上下文:将数据分类、身份模型、租户边界和合规需求标记为假设或待解决问题。
  • LLM/Agent行为未明确:在推荐实施前,先定义模型边界、工具权限、上下文来源、验证规则和人工审核阈值。