Productionalize workflow
Parallel, map-reduce style analysis that produces readiness reports and agent-ready remediation tasks.
Phases
- Gather Signals — Detect stack, package manager, CI/CD, tests, Docker/IaC
- Researcher — Web search for compliance standards (SOC 2, OWASP ASVS, NIST SSDF, SRE)
- Scanner — Optional SAST (Semgrep, Gitleaks, Trivy)
- Planner — Create analysis subtasks per category
- Workers — Parallel category execution (code, web, scan sources)
- Aggregator — Synthesize findings into Markdown
- Prompt Generator — Agent-ready remediation tasks
Categories:
- Core: security, soc2, code-quality, dependencies, testing, configuration
- Dynamic (auto): container-security, infrastructure-as-code, ci-cd
Outputs (.ship-spec/outputs/):
- report-<timestamp>.md — Production Readiness Report
- task-prompts-<timestamp>.md — Agent-ready remediation tasks
- Symlinks: latest-report.md, latest-task-prompts.md