Pavan Aripakula

Audits web and mobile applications for accessibility compliance (WCAG 2.1). Checks keyboard navigation, screen reader support, color contrast, focus management, and semantic markup. Use when reviewing UI code, building new components, or preparing for accessibility audits.

Designs and reviews APIs (REST, GraphQL, RPC). Covers endpoint design, request/response schemas, error handling, versioning, pagination, and documentation. Use when designing new APIs, reviewing API changes, or establishing API conventions.

Integrates with third-party APIs and services - client design, authentication flows, rate limit handling, webhook processing, retry logic, and vendor abstraction. Use when consuming external APIs, handling webhooks, or wrapping third-party SDKs.

Designs system architecture for new features. Defines data flow, component boundaries, threading/concurrency model, and key design decisions. Use when making architecture decisions, adding new systems, or evaluating design patterns.

Designs asynchronous workflows - message queues, event-driven architecture, pub/sub, background jobs, webhooks, and eventual consistency. Use when building systems that process work asynchronously, communicate via events, or need to decouple producers from consumers.

Enforces software design principles including separation of concerns, error handling patterns, thread safety, and code quality standards. Use when writing new code, reviewing patterns, or making design decisions.

Investigates and resolves bugs using structured diagnosis. Categorizes by system, traces root cause, proposes minimal fix, and suggests prevention. Use when debugging issues or investigating unexpected behavior.

Helps build, run, test, and deploy the project. Provides common commands, environment checks, and release checklists. Use when building, deploying, or troubleshooting build issues.

Designs and reviews caching strategies. Covers cache placement, invalidation patterns, TTL design, cache stampede prevention, and common caching anti-patterns. Use when adding caching, debugging stale data, or reviewing cache implementation.

Designs and reviews CI/CD pipelines. Covers build automation, test stages, deployment gates, caching, secrets management, and pipeline optimization. Use when setting up pipelines, debugging CI failures, or improving build times.

Designs application configuration strategy. Covers environment variables, feature flags, config files, secrets management, and configuration validation. Use when setting up configuration, managing environments, or reviewing config practices.

Designs and reviews containerization with Docker. Covers Dockerfile best practices, image optimization, multi-stage builds, Docker Compose for development, health checks, and security hardening. Use when containerizing applications, optimizing images, or reviewing Docker configurations.

Designs database schemas, reviews queries, plans migrations, and optimizes data access patterns. Covers relational modeling, indexing strategy, normalization, and common anti-patterns. Use when designing schemas, writing complex queries, or diagnosing database performance issues.

Designs domain models, entity relationships, and data shapes before writing code or schemas. Covers entity identification, relationship mapping, aggregate design, and access pattern validation. Use when designing data structures for new features or systems.

Designs ETL/ELT pipelines, batch processing, and data flows between systems. Covers idempotency, schema drift, backfill strategies, failure recovery, and data quality checks. Use when building data ingestion, transformation, or sync pipelines.

Diagnoses and fixes latency issues across the full request/response path. Traces from user action to visible feedback across all system layers. Use when investigating lag, slow responses, or latency complaints.

Safely updates project dependencies. Checks for breaking changes, security vulnerabilities, and compatibility issues. Generates update plans with risk assessment. Use when updating packages, auditing outdated dependencies, or responding to security advisories.

Guides deployment processes including pre-deploy checks, deployment strategies, rollback procedures, and post-deploy verification. Use when deploying to staging or production, setting up deployment pipelines, or troubleshooting deployment issues.

Sets up the development environment on a new workstation. Covers required tools, dependencies, configuration, and common troubleshooting. Use when onboarding to a project or troubleshooting build environment issues.

Generates and reviews technical documentation including API docs, architecture decision records, runbooks, and inline code documentation. Use when writing docs, reviewing doc coverage, or creating onboarding materials.

Designs error handling strategies across application layers. Covers error types, propagation patterns, user-facing errors, retry logic, circuit breakers, and graceful degradation. Use when designing error handling, reviewing error paths, or debugging error propagation issues.

Breaks down work into estimable units and identifies risks. Produces task breakdowns with complexity assessment, dependency mapping, and risk flags. Use when planning sprints, estimating features, or scoping projects.

Manages the full lifecycle of feature flags - creation, progressive rollout, kill switches, percentage ramps, user targeting, and cleanup. Use when releasing features behind flags, managing rollouts, or cleaning up stale flags.

Recovers from git disasters - force-pushed over work, broken rebase, detached HEAD, lost commits, bad merges, and accidentally deleted branches. Use when git state is broken and you need to recover work without making things worse.

Guides internationalization (i18n) and localization (l10n) implementation. Covers string extraction, locale handling, date/number/currency formatting, RTL support, and translation workflows. Use when adding multi-language support or reviewing i18n implementation.

Designs and reviews Infrastructure as Code - Terraform/Pulumi/CloudFormation patterns, state management, module design, change safety, and drift detection. Use when provisioning infrastructure, reviewing IaC changes, or debugging infrastructure issues.

Guides incident response and post-mortem analysis. Covers triage, mitigation, root cause analysis, and prevention. Use when responding to active incidents, writing post-mortems, or improving incident processes.

Designs and executes load, stress, and soak tests. Covers target definition, realistic traffic simulation, bottleneck identification, and capacity planning. Use when validating system performance under load or planning for traffic growth.

Designs structured logging strategies. Covers log levels, formatting, correlation IDs, sensitive data handling, log aggregation, and debugging with logs. Use when setting up logging, debugging production issues, or reviewing logging practices.

Plans and executes data, schema, or system migrations safely. Covers database migrations, API version transitions, dependency upgrades, and platform moves. Use when migrating data, upgrading major versions, or transitioning between systems.

Designs monitoring and alerting systems. Covers metric selection, dashboard design, alert rules, SLOs/SLIs, on-call runbooks, and observability architecture. Use when setting up monitoring, defining SLOs, creating dashboards, or improving alerting.

Uses traces, logs, and metrics together to diagnose production issues. Covers correlation techniques, distributed tracing analysis, log query patterns, and the workflow from alert to root cause. Use when investigating production issues, analyzing incidents, or debugging distributed systems.

Generates project onboarding guides by analyzing the codebase. Produces architecture overview, key file map, common workflows, and "where to look" reference. Use when someone new joins the project or when you need a codebase overview.

Performs performance audits. Checks response times, memory usage, CPU utilization, algorithmic complexity, and resource management. Use when investigating slowness, memory leaks, or optimizing performance.

Evaluates whether the current development phase is complete and ready to move to the next phase. Checks deliverables and gate criteria against the project plan. Use when assessing milestone readiness or planning the next phase.

Prepares code for review - PR sizing, self-review, description writing, stacking PRs, and making reviewers' jobs easy. Use when preparing to open a pull request or when PRs are getting slow reviews.

Generates structured QA and user testing session guides with observation checklists, success metrics, and red flags. Adapts to current build state. Use when preparing for or analyzing a QA session or user test.

Plans and executes safe code refactoring. Identifies code smells, proposes transformations, ensures behavior preservation, and validates with tests. Use when restructuring code, extracting modules, or cleaning up technical debt.

Reviews code for correctness, performance, security, efficiency, and maintainability. Multi-pass review covering architecture, bugs, security holes, performance traps, code cleanliness, and test quality. Use when reviewing code changes, pull requests, or when the user asks for a code review.

Executes safe rollbacks across code, database, config, and feature flags. Provides decision framework for roll-back vs fix-forward, execution playbooks, and verification steps. Use when a deployment needs to be reversed or when deciding between rollback and fix-forward.

Manages backward and forward-compatible schema changes across APIs, databases, event contracts, and serialization formats. Covers the expand-contract pattern, compatibility rules, and multi-consumer coordination. Use when changing data formats that have existing producers or consumers.

Evaluates proposed features or additions against the project's core purpose. Prevents feature creep by checking if an idea serves the core goals, adds complexity, fits the existing architecture, or requires ongoing maintenance. Use when considering new features, enhancements, or design changes.

Performs security audits against OWASP Top 10 and common vulnerability patterns. Checks authentication, authorization, input validation, secrets management, and dependency vulnerabilities. Use when reviewing security posture or before a release.

Designs client-side state architecture - what lives where, how it syncs with the server, how conflicts resolve, and how to avoid common pitfalls. Use when designing state for web or mobile apps, debugging state issues, or choosing state management patterns.

Identifies, categorizes, prioritizes, and plans paydown of technical debt. Covers making the business case, sequencing alongside feature work, and tracking progress. Use when auditing tech debt, planning maintenance work, or justifying refactoring to stakeholders.

Documents and evaluates technology decisions. Covers language, framework, infrastructure choices, and dependency management. Use when making technology choices, evaluating new dependencies, or onboarding to the project.

Manages observability including error tracking, logging, metrics, and analytics. Covers instrumentation strategy, event definitions, and monitoring setup. Use when setting up monitoring, instrumenting events, or debugging production issues.

Defines testing strategy and helps write tests. Covers what is unit testable, what requires manual or integration testing, test structure, and testing principles. Use when writing tests, deciding what to test, or reviewing test coverage.

Enforces git branching strategy, PR process, and merge rules. Covers branch naming, commit conventions, PR creation, CI requirements, and the merge-to-main checklist. Use when creating branches, making commits, opening PRs, or merging code.