Examples
This guide showcases real-world APM workflows, from simple automation to enterprise-scale AI development patterns. Learn through practical examples that demonstrate the power of structured AI workflows.
Before & After: Traditional vs APM
Section titled “Before & After: Traditional vs APM”Traditional Approach (Unreliable)
Section titled “Traditional Approach (Unreliable)”Manual Prompting:
"Add authentication to the API"Problems:
- Inconsistent results each time
- No context about existing code
- Manual guidance required for each step
- No reusable patterns
- Different developers get different implementations
APM Approach (Reliable)
Section titled “APM Approach (Reliable)”Structured Workflow (.prompt.md):
---description: Implement secure authentication systemmode: backend-devmcp: - ghcr.io/github/github-mcp-serverinput: [auth_method, session_duration]---
# Secure Authentication Implementation
## Context LoadingReview `security standards` and `existing auth patterns`.
## Implementation Requirements- Use ${input:auth_method} authentication- Session duration: ${input:session_duration}- Follow `security checklist`
## Validation Gates🚨 **STOP**: Confirm security review before implementation
## Implementation Steps1. Set up JWT token system with proper secret management2. Implement secure password hashing using bcrypt3. Create session management with Redis backend4. Add logout and token revocation functionality5. Implement rate limiting on auth endpoints6. Add comprehensive logging for security events
## Testing Requirements- Unit tests for all auth functions- Integration tests for complete auth flow- Security penetration testing- Load testing for auth endpointsExecute:
apm run implement-auth --param auth_method=jwt --param session_duration=24hBenefits:
- Consistent, reliable results
- Contextual awareness of existing codebase
- Security standards automatically applied
- Reusable across projects
- Team knowledge embedded
Multi-Step Feature Development
Section titled “Multi-Step Feature Development”APM enables complex workflows that chain multiple AI interactions:
Example: Complete Feature Implementation
Section titled “Example: Complete Feature Implementation”# 1. Generate specification from requirementsapm run create-spec --param feature="user-auth"---description: Generate technical specification from feature requirementsmode: architectinput: [feature]---
# Technical Specification Generator
## Requirements AnalysisGenerate a comprehensive technical specification for: ${input:feature}
## Specification Sections Required1. **Functional Requirements** - What the feature must do2. **Technical Design** - Architecture and implementation approach3. **API Contracts** - Endpoints, request/response formats4. **Database Schema** - Data models and relationships5. **Security Considerations** - Authentication, authorization, validation6. **Testing Strategy** - Unit, integration, and e2e test plans7. **Performance Requirements** - Load expectations and optimization8. **Deployment Plan** - Rollout strategy and monitoring
## Context Sources- Review `existing architecture`- Follow `API design standards`- Apply `security guidelines`
## Output FormatCreate `specs/${input:feature}.spec.md` following our specification template.# 2. Review and validate specificationapm run review-spec --param spec="specs/user-auth.spec.md"# 3. Implement feature following specificationapm run implement --param spec="specs/user-auth.spec.md"# 4. Generate comprehensive testsapm run test-feature --param feature="user-authentication"Each step leverages your project’s Context for consistent, reliable results that build upon each other.
Enterprise Use Cases
Section titled “Enterprise Use Cases”Legal Compliance Package
Section titled “Legal Compliance Package”Scenario: Fintech company needs GDPR compliance across all projects
---applyTo: "**/*.{py,js,ts}"---
# GDPR Compliance Standards
## Data Processing Requirements- Explicit consent for all data collection- Data minimization principles- Right to be forgotten implementation- Data portability support- Breach notification within 72 hours
## Implementation Checklist- [ ] Personal data encryption at rest and in transit- [ ] Audit logging for all data access- [ ] User consent management system- [ ] Data retention policies enforced- [ ] Regular security assessments scheduled
## Code Pattern Requirements```python# Required pattern for user data handling@gdpr_compliant@audit_loggeddef process_user_data(user_data: UserData, consent: ConsentRecord): validate_consent(consent) return secure_process(user_data)```yaml---description: Comprehensive GDPR compliance auditmode: legal-complianceinput: [scope]---
# GDPR Compliance Audit
## Audit ScopeReview ${input:scope} for GDPR compliance violations.
## Audit Areas1. **Data Collection Points** - Identify all user data capture2. **Consent Management** - Verify explicit consent mechanisms3. **Data Storage** - Check encryption and access controls4. **Data Processing** - Validate lawful basis for processing5. **User Rights** - Confirm right to access/delete/portability6. **Breach Response** - Verify notification procedures
## Compliance ReportGenerate detailed findings with:- ✅ Compliant areas- ⚠️ Areas needing attention- ❌ Critical violations requiring immediate action- 📋 Recommended remediation stepsUsage across projects:
# Audit new feature for complianceapm run gdpr-audit --param scope="user-profile-feature"
# Generate compliance documentationapm run compliance-docs --param regulations="GDPR,CCPA"Code Review Package
Section titled “Code Review Package”Scenario: Engineering team needs consistent code quality standards
---name: "Senior Code Reviewer"model: "gpt-4"tools: ["file-manager", "git-analysis"]expertise: ["security", "performance", "maintainability"]---
You are a senior software engineer with 10+ years experience conducting thorough code reviews.
## Review Focus Areas- **Security**: Identify vulnerabilities and attack vectors- **Performance**: Spot efficiency issues and optimization opportunities- **Maintainability**: Assess code clarity, documentation, and structure- **Best Practices**: Enforce team coding standards and patterns
## Review Style- Constructive and educational feedback- Specific, actionable recommendations- Code examples for suggested improvements- Balance between thoroughness and development velocity---description: Comprehensive security code reviewmode: senior-reviewerinput: [files, severity_threshold]---
# Security Code Review
## Review ScopeAnalyze ${input:files} for security vulnerabilities with ${input:severity_threshold} minimum severity.
## Security Checklist- [ ] **Input Validation** - All user inputs properly sanitized- [ ] **Authentication** - Secure authentication implementation- [ ] **Authorization** - Proper access control enforcement- [ ] **Encryption** - Sensitive data encrypted appropriately- [ ] **SQL Injection** - Parameterized queries used- [ ] **XSS Prevention** - Output properly encoded- [ ] **CSRF Protection** - Anti-CSRF tokens implemented- [ ] **Secrets Management** - No hardcoded credentials
## Report FormatFor each finding provide:1. **Severity Level** (Critical/High/Medium/Low)2. **Vulnerability Description** - What the issue is3. **Impact Assessment** - Potential consequences4. **Code Location** - Exact file and line numbers5. **Remediation Steps** - How to fix the issue6. **Example Fix** - Code showing the correctionTeam Usage:
# Pre-merge security reviewapm run security-review --param files="src/auth/**" --param severity_threshold="medium"
# Performance review for critical pathapm run performance-review --param files="src/payment-processing/**"
# Full feature review before releaseapm run feature-review --param feature="user-dashboard"Onboarding Package
Section titled “Onboarding Package”Scenario: Quickly get new developers productive with company standards
# Development Standards at AcmeCorp
## Tech Stack- **Backend**: Python FastAPI, PostgreSQL, Redis- **Frontend**: React TypeScript, Tailwind CSS- **Infrastructure**: AWS, Docker, Kubernetes- **CI/CD**: GitHub Actions, Terraform
## Code Organization- Domain-driven design with clean architecture- Repository pattern for data access- Event-driven communication between services- Comprehensive testing with pytest and Jest
## Security Standards- Zero-trust security model- All API endpoints require authentication- Sensitive data encrypted with AES-256- Regular security audits and penetration testing---description: Interactive developer onboarding experiencemode: tech-leadinput: [developer_name, role, experience_level]---
# Welcome ${input:developer_name}!
## Your Onboarding JourneyWelcome to the engineering team! I'll help you get productive quickly.
**Your Role**: ${input:role}**Experience Level**: ${input:experience_level}
## Step 1: Environment SetupLet me guide you through setting up your development environment:
1. **Repository Access** - Clone main repositories2. **Local Development** - Set up Docker development environment3. **IDE Configuration** - Configure VSCode with team extensions4. **Database Setup** - Connect to development database5. **API Keys** - Set up necessary service credentials
## Step 2: Codebase TourI'll walk you through our architecture:- `Company Standards`- `API Patterns`- `Testing Guidelines`
## Step 3: First TasksBased on your experience level, here are your starter tasks:${experience_level == "senior" ? "Architecture review and team mentoring" : "Bug fixes and small feature implementation"}
## Step 4: Team Integration- Schedule 1:1s with team members- Join relevant Slack channels- Set up recurring team meetings
Ready to start? Let's begin with environment setup!Usage:
# Personalized onboarding for new hireapm run onboard-developer \ --param developer_name="Alice" \ --param role="Backend Engineer" \ --param experience_level="mid-level"Real-World Workflow Patterns
Section titled “Real-World Workflow Patterns”API Development Workflow
Section titled “API Development Workflow”Complete API development from design to deployment:
# 1. Design API specificationapm run api-design --param endpoint="/users" --param operations="CRUD"
# 2. Generate implementation skeletonapm run api-implement --param spec="specs/users-api.spec.md"
# 3. Add comprehensive testsapm run api-tests --param endpoint="/users"
# 4. Security reviewapm run security-review --param files="src/api/users/**"
# 5. Performance optimizationapm run optimize-performance --param endpoint="/users" --param target_latency="100ms"
# 6. Documentation generationapm run api-docs --param spec="specs/users-api.spec.md"Bug Fix Workflow
Section titled “Bug Fix Workflow”Systematic approach to bug resolution:
# 1. Bug analysis and reproductionapm run analyze-bug --param issue_id="GH-123"
# 2. Root cause investigationapm run root-cause --param symptoms="slow_api_response" --param affected_endpoints="/search"
# 3. Fix implementation with testsapm run implement-fix --param bug_analysis="analysis/GH-123.md"
# 4. Regression testingapm run regression-test --param fix_areas="search,performance"
# 5. Release preparationapm run prepare-hotfix --param fix_id="GH-123" --param target_environment="production"Documentation Workflow
Section titled “Documentation Workflow”Keep documentation synchronized with code:
# Auto-update docs when code changesapm run sync-docs --param changed_files="src/api/**"
# Generate comprehensive API documentationapm run generate-api-docs --param openapi_spec="openapi.yaml"
# Create tutorial from working examplesapm run create-tutorial --param example_dir="examples/authentication"
# Update architecture diagramsapm run update-architecture --param components="auth,payment,user-management"Performance Optimization Examples
Section titled “Performance Optimization Examples”High-Performance Code Generation
Section titled “High-Performance Code Generation”---description: Optimize code for performance and scalabilitymode: performance-engineerinput: [target_files, performance_goals]---
# Performance Optimization
## Optimization TargetsFiles: ${input:target_files}Goals: ${input:performance_goals}
## Analysis Areas1. **Algorithm Complexity** - Identify O(n²) operations2. **Database Queries** - Find N+1 query problems3. **Memory Usage** - Spot memory leaks and inefficient allocations4. **I/O Operations** - Optimize file and network operations5. **Caching Opportunities** - Add strategic caching layers
## Optimization Techniques- Database query optimization with proper indexing- Implement response caching with Redis- Add database connection pooling- Optimize serialization/deserialization- Implement lazy loading for expensive operations- Add performance monitoring and alerting
## BenchmarkingBefore and after performance measurements required:- Response time percentiles (p50, p95, p99)- Memory usage patterns- CPU utilization under load- Database query execution timesAdvanced Enterprise Patterns
Section titled “Advanced Enterprise Patterns”Multi-Repository Consistency
Section titled “Multi-Repository Consistency”Scenario: Ensure consistency across microservices
# Synchronize API contracts across servicesapm run sync-contracts --param services="user-service,payment-service,notification-service"
# Update shared libraries across repositoriesapm run update-shared-libs --param version="2.1.0" --param repositories="all-backend-services"
# Consistent logging and monitoring setupapm run setup-observability --param services="production-services" --param monitoring_level="full"Compliance and Governance
Section titled “Compliance and Governance”# Regular compliance auditsapm run compliance-audit --param regulations="SOX,GDPR,PCI-DSS" --param scope="financial-services"
# Security posture assessmentapm run security-assessment --param severity="all" --param scope="customer-facing-apis"
# Code quality governanceapm run quality-gate --param threshold="A" --param coverage_min="85%" --param security_scan="required"Next Steps
Section titled “Next Steps”Ready to build your own workflows? Check out:
- Context Guide - Learn to build custom workflows
- Integrations Guide - Connect with your existing tools
- Getting Started - Set up your first project
Or explore the complete framework at AI-Native Development Guide!