{ "schemaVersion": "1.0", "item": { "slug": "systems-architect", "name": "Systems Architect", "source": "tencent", "type": "skill", "category": "AI 智能", "sourceUrl": "https://clawhub.ai/ivangdavila/systems-architect", "canonicalUrl": "https://clawhub.ai/ivangdavila/systems-architect", "targetPlatform": "OpenClaw" }, "install": { "downloadMode": "redirect", "downloadUrl": "/downloads/systems-architect", "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=systems-architect", "sourcePlatform": "tencent", "targetPlatform": "OpenClaw", "installMethod": "Manual import", "extraction": "Extract archive", "prerequisites": [ "OpenClaw" ], "packageFormat": "ZIP package", "includedAssets": [ "SKILL.md" ], "primaryDoc": "SKILL.md", "quickSetup": [ "Download the package from Yavira.", "Extract the archive and review SKILL.md first.", "Import or place the package into your OpenClaw setup." ], "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run." } ] }, "sourceHealth": { "source": "tencent", "status": "healthy", "reason": "direct_download_ok", "recommendedAction": "download", "checkedAt": "2026-04-30T16:55:25.780Z", "expiresAt": "2026-05-07T16:55:25.780Z", "httpStatus": 200, "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=network", "contentType": "application/zip", "probeMethod": "head", "details": { "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=network", "contentDisposition": "attachment; filename=\"network-1.0.0.zip\"", "redirectLocation": null, "bodySnippet": null }, "scope": "source", "summary": "Source download looks usable.", "detail": "Yavira can redirect you to the upstream package for this source.", "primaryActionLabel": "Download for OpenClaw", "primaryActionHref": "/downloads/systems-architect" }, "validation": { "installChecklist": [ "Use the Yavira download entry.", "Review SKILL.md after the package is downloaded.", "Confirm the extracted package contains the expected setup assets." ], "postInstallChecks": [ "Confirm the extracted package includes the expected docs or setup files.", "Validate the skill or prompts are available in your target agent workspace.", "Capture any manual follow-up steps the agent could not complete." ] }, "downloadPageUrl": "https://openagent3.xyz/downloads/systems-architect", "agentPageUrl": "https://openagent3.xyz/skills/systems-architect/agent", "manifestUrl": "https://openagent3.xyz/skills/systems-architect/agent.json", "briefUrl": "https://openagent3.xyz/skills/systems-architect/agent.md" }, "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run." } ] }, "documentation": { "source": "clawhub", "primaryDoc": "SKILL.md", "sections": [ { "title": "Infrastructure Design", "body": "Design for failure at every layer — hardware fails, networks partition, regions go down\nRedundancy costs money, downtime costs more — calculate acceptable risk\nPrefer managed services for undifferentiated work — run less, build more\nInfrastructure as code from day one — manual changes drift and break\nImmutable infrastructure beats patching — replace, don't repair" }, { "title": "Cloud Architecture", "body": "Multi-AZ minimum, multi-region for critical systems — availability zones fail together sometimes\nRight-size first, auto-scale second — baseline must be correct\nReserved capacity for steady load, spot/preemptible for bursts — cost optimization requires planning\nEgress costs add up — keep traffic within regions when possible\nCloud vendor lock-in is real — abstract where escape matters, accept where it doesn't" }, { "title": "Networking", "body": "Private subnets for workloads, public only for load balancers — minimize attack surface\nVPC peering and transit gateways for multi-account — plan topology before scaling\nDNS for service discovery — hardcoded IPs break migrations\nZero trust: authenticate and encrypt internal traffic — perimeter security isn't enough\nNetwork segmentation limits blast radius — flat networks let attackers roam" }, { "title": "Integration Patterns", "body": "APIs for synchronous, queues for asynchronous — match pattern to requirements\nEvent-driven for loose coupling — producers don't know consumers\nService mesh for complex microservices — observability and security at network layer\nRate limiting and backpressure protect systems — don't let slow consumers crash fast producers\nDead letter queues for failed messages — don't lose data, process later" }, { "title": "Reliability", "body": "Define SLOs before building — what does \"up\" mean for this system?\nError budgets allow controlled risk — 99.9% means 8 hours downtime per year is acceptable\nBlast radius reduction: cell-based architecture — limit how many users one failure affects\nChaos engineering in staging first — break things intentionally before production breaks accidentally\nRunbooks for every alert — 3 AM isn't debugging time" }, { "title": "Disaster Recovery", "body": "RTO (recovery time) and RPO (data loss) are business decisions — architect for the requirement\nBackups aren't recovery until tested — restore regularly\nHot/warm/cold standby each have trade-offs — cost vs speed of recovery\nCross-region replication for critical data — single region is single point of failure\nDR drills reveal real problems — plan meets reality" }, { "title": "Security", "body": "Defense in depth: multiple barriers — one layer will fail\nLeast privilege for services too — not just users\nSecrets management centralized — no secrets in code, config files, or environment variables in images\nAudit logging for compliance and forensics — you'll need it after a breach\nPatch aggressively — known vulnerabilities are actively exploited" }, { "title": "Monitoring and Observability", "body": "Metrics, logs, and traces together — each tells part of the story\nAlerting on symptoms, not causes — users down matters, CPU high might not\nDashboards for each service with golden signals — latency, traffic, errors, saturation\nDistributed tracing across services — follow requests end to end\nLog aggregation with retention policy — balance cost and forensic needs" }, { "title": "Capacity Planning", "body": "Measure current baseline before projecting — can't scale what you don't measure\nLoad test to find breaking points — theory differs from reality\nCapacity leads demand — scaling takes time, be ahead\nCost modeling for growth scenarios — 10x users is rarely 10x cost\nReview quarterly at minimum — patterns change" }, { "title": "Migration and Evolution", "body": "Strangler fig pattern for legacy replacement — route traffic gradually\nBlue-green or canary for infrastructure changes — test in production safely\nDatabase migrations are hardest — plan data migration separately\nRollback plans before rollout — assume failure, prepare for it\nCommunicate maintenance windows — surprises damage trust" } ], "body": "Systems Architecture Rules\nInfrastructure Design\nDesign for failure at every layer — hardware fails, networks partition, regions go down\nRedundancy costs money, downtime costs more — calculate acceptable risk\nPrefer managed services for undifferentiated work — run less, build more\nInfrastructure as code from day one — manual changes drift and break\nImmutable infrastructure beats patching — replace, don't repair\nCloud Architecture\nMulti-AZ minimum, multi-region for critical systems — availability zones fail together sometimes\nRight-size first, auto-scale second — baseline must be correct\nReserved capacity for steady load, spot/preemptible for bursts — cost optimization requires planning\nEgress costs add up — keep traffic within regions when possible\nCloud vendor lock-in is real — abstract where escape matters, accept where it doesn't\nNetworking\nPrivate subnets for workloads, public only for load balancers — minimize attack surface\nVPC peering and transit gateways for multi-account — plan topology before scaling\nDNS for service discovery — hardcoded IPs break migrations\nZero trust: authenticate and encrypt internal traffic — perimeter security isn't enough\nNetwork segmentation limits blast radius — flat networks let attackers roam\nIntegration Patterns\nAPIs for synchronous, queues for asynchronous — match pattern to requirements\nEvent-driven for loose coupling — producers don't know consumers\nService mesh for complex microservices — observability and security at network layer\nRate limiting and backpressure protect systems — don't let slow consumers crash fast producers\nDead letter queues for failed messages — don't lose data, process later\nReliability\nDefine SLOs before building — what does \"up\" mean for this system?\nError budgets allow controlled risk — 99.9% means 8 hours downtime per year is acceptable\nBlast radius reduction: cell-based architecture — limit how many users one failure affects\nChaos engineering in staging first — break things intentionally before production breaks accidentally\nRunbooks for every alert — 3 AM isn't debugging time\nDisaster Recovery\nRTO (recovery time) and RPO (data loss) are business decisions — architect for the requirement\nBackups aren't recovery until tested — restore regularly\nHot/warm/cold standby each have trade-offs — cost vs speed of recovery\nCross-region replication for critical data — single region is single point of failure\nDR drills reveal real problems — plan meets reality\nSecurity\nDefense in depth: multiple barriers — one layer will fail\nLeast privilege for services too — not just users\nSecrets management centralized — no secrets in code, config files, or environment variables in images\nAudit logging for compliance and forensics — you'll need it after a breach\nPatch aggressively — known vulnerabilities are actively exploited\nMonitoring and Observability\nMetrics, logs, and traces together — each tells part of the story\nAlerting on symptoms, not causes — users down matters, CPU high might not\nDashboards for each service with golden signals — latency, traffic, errors, saturation\nDistributed tracing across services — follow requests end to end\nLog aggregation with retention policy — balance cost and forensic needs\nCapacity Planning\nMeasure current baseline before projecting — can't scale what you don't measure\nLoad test to find breaking points — theory differs from reality\nCapacity leads demand — scaling takes time, be ahead\nCost modeling for growth scenarios — 10x users is rarely 10x cost\nReview quarterly at minimum — patterns change\nMigration and Evolution\nStrangler fig pattern for legacy replacement — route traffic gradually\nBlue-green or canary for infrastructure changes — test in production safely\nDatabase migrations are hardest — plan data migration separately\nRollback plans before rollout — assume failure, prepare for it\nCommunicate maintenance windows — surprises damage trust" }, "trust": { "sourceLabel": "tencent", "provenanceUrl": "https://clawhub.ai/ivangdavila/systems-architect", "publisherUrl": "https://clawhub.ai/ivangdavila/systems-architect", "owner": "ivangdavila", "version": "1.0.0", "license": null, "verificationStatus": "Indexed source record" }, "links": { "detailUrl": "https://openagent3.xyz/skills/systems-architect", "downloadUrl": "https://openagent3.xyz/downloads/systems-architect", "agentUrl": "https://openagent3.xyz/skills/systems-architect/agent", "manifestUrl": "https://openagent3.xyz/skills/systems-architect/agent.json", "briefUrl": "https://openagent3.xyz/skills/systems-architect/agent.md" } }