---

name: analysis description: Analyze feature requirements, dependencies, and security considerations. Use when starting feature implementation from GitHub issues to understand scope, technical feasibility, and risks. allowed-tools:

• Read
• Grep
• Glob
• Bash
• mcp__github-mcp__get_issue
• mcp__github-mcp__get_issue_comments
• mcp__github-mcp__search_issues

---

Feature Analysis Skill

Purpose

This skill provides systematic analysis of feature requirements from GitHub issues, evaluating technical feasibility, dependencies, security implications, and implementation scope.

When to Use

• Starting feature implementation from a GitHub issue
• Need to understand requirements and acceptance criteria
• Evaluating technical approach and dependencies
• Identifying security considerations early
• Scoping effort and potential risks

Analysis Workflow

1. Requirements Extraction

From GitHub Issue:

• Parse issue title, description, and acceptance criteria
• Extract functional and non-functional requirements
• Identify user stories and use cases
• Review issue comments for clarifications
• Check linked issues and dependencies

Deliverable: Structured requirements list with priorities

2. Technical Stack Evaluation

Assess Technology Fit:

• Review project's TECH-STACK.md for current technologies
• Identify required libraries/frameworks
• Check version compatibility
• Evaluate performance implications
• Consider maintenance burden

Tools to Use:

• Read TECH-STACK.md and relevant documentation
• Use scripts/analyze_deps.py for dependency analysis
• Grep codebase for similar patterns

Deliverable: Technology recommendations with rationale

3. Dependency Analysis

Identify Dependencies:

• External libraries (pip/npm/cargo packages)
• Internal modules and services
• Database schema changes
• API contracts
• Configuration requirements

Check for Conflicts:

# Use the analyze_deps script
python scripts/analyze_deps.py --feature <feature-name>

Deliverable: Dependency map with conflict analysis

4. Security Assessment

Review Security Implications:

• Authentication/authorization requirements
• Input validation needs
• Data sensitivity (PII, credentials, etc.)
• API security (rate limiting, CORS, etc.)
• Dependency vulnerabilities

Use Checklist: Refer to security-checklist.md for systematic review

Deliverable: Security risk assessment and mitigation plan

5. Scope Definition

Define Boundaries:

• Core functionality (must-have)
• Extended functionality (should-have)
• Future enhancements (could-have)
• Out of scope (won't-have)

Estimate Complexity:

• Lines of code (rough estimate)
• Number of modules/files
• Test coverage requirements
• Documentation needs

Deliverable: Scope statement with effort estimate

Output Format

Create an analysis report with:

# Feature Analysis: [Feature Name]

## Requirements Summary
- [ ] Requirement 1
- [ ] Requirement 2
...

## Technical Approach
**Recommended Stack:** Python 3.9+, pytest, pydantic
**Key Libraries:** [list]
**Architecture Pattern:** [pattern]

## Dependencies
**External:**
- package-name==version (reason)

**Internal:**
- module.submodule (reason)

## Security Considerations
**Risk Level:** Low/Medium/High
**Key Concerns:**
- [concern 1]: [mitigation]

## Scope
**In Scope:**
- [feature 1]

**Out of Scope:**
- [deferred item]

**Effort Estimate:** [hours/days]

## Recommendations
1. [Recommendation 1]
2. [Recommendation 2]

Best Practices

Requirements Analysis:

• Always check requirements-checklist.md for completeness
• Clarify ambiguous requirements before proceeding
• Document assumptions explicitly
• Consider edge cases and error scenarios

Technical Evaluation:

• Prefer existing project patterns over new approaches
• Consider maintainability over cleverness
• Check for similar existing implementations
• Evaluate performance implications early

Security First:

• Run security-checklist.md for all features
• Flag high-risk items for review
• Never skip input validation planning
• Consider data privacy implications

Scope Management:

• Be conservative with estimates
• Identify MVP vs. enhanced features
• Call out dependencies that block progress
• Document what's explicitly out of scope

Supporting Resources

• requirements-checklist.md: Systematic requirements validation
• security-checklist.md: Security considerations framework
• scripts/analyze_deps.py: Automated dependency analysis

Example Usage

# 1. Fetch issue details
Use mcp__github-mcp__get_issue to retrieve issue #<number>

# 2. Review requirements
Work through requirements-checklist.md systematically

# 3. Analyze dependencies
python scripts/analyze_deps.py --feature feature-name

# 4. Security review
Complete security-checklist.md

# 5. Generate analysis report
Create report in docs/implementation/feature-name-analysis.md

Integration with Feature Implementation Flow

Input: GitHub issue number Process: Systematic analysis using checklists and scripts Output: Analysis report + recommendations Next Step: Design skill for architecture planning