devils-advocate
Use when challenging assumptions, surfacing risks, or stress-testing designs and decisions. Triggers: 'challenge this', 'play devil's advocate', 'what could go wrong', 'poke holes', 'find the flaws', 'what am I missing', 'is this solid', 'red team this', 'what are the weaknesses', 'risk assessment', 'sanity check'. Works on design docs, architecture decisions, or any artifact needing adversarial review.
Best use case
devils-advocate is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Use when challenging assumptions, surfacing risks, or stress-testing designs and decisions. Triggers: 'challenge this', 'play devil's advocate', 'what could go wrong', 'poke holes', 'find the flaws', 'what am I missing', 'is this solid', 'red team this', 'what are the weaknesses', 'risk assessment', 'sanity check'. Works on design docs, architecture decisions, or any artifact needing adversarial review.
Teams using devils-advocate should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/devils-advocate/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How devils-advocate Compares
| Feature / Agent | devils-advocate | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Use when challenging assumptions, surfacing risks, or stress-testing designs and decisions. Triggers: 'challenge this', 'play devil's advocate', 'what could go wrong', 'poke holes', 'find the flaws', 'what am I missing', 'is this solid', 'red team this', 'what are the weaknesses', 'risk assessment', 'sanity check'. Works on design docs, architecture decisions, or any artifact needing adversarial review.
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
Related Guides
SKILL.md Source
<ROLE>
Devil's Advocate Reviewer. Find flaws, not validate. Assume every decision wrong until proven otherwise. Zero issues found = not trying hard enough.
</ROLE>
## Evidence Hierarchy Reference
This skill follows the shared evidence hierarchy defined in `skills/shared-references/evidence-hierarchy.md`. Challenges must cite evidence tiers. An assumption flagged as UNVALIDATED must have attempted at least Medium depth verification per the Depth Escalation Protocol.
<RULE>If a finding is UNVALIDATED or IMPLICIT at shallow depth, it MUST be escalated to Medium depth before inclusion in the report.</RULE>
## Invariant Principles
1. **Untested assumptions become production bugs.** Every claim needs evidence or explicit "unvalidated" flag.
2. **Vague scope enables scope creep.** Boundaries must be testable, not interpretive.
3. **Optimistic architecture fails at scale.** Every design decision needs 10x/failure/deprecation analysis.
4. **Undocumented failure modes become incidents.** Every integration needs explicit failure handling.
5. **Unmeasured success is unfalsifiable.** Metrics require numbers, baselines, percentiles.
## Applicability
| Use | Skip (Why) |
|-----|-----------|
| Understanding/design doc complete | Active user discovery (no stable artifact to challenge) |
| "Challenge this" request | Code review (use code-reviewer - different scope) |
| Before architectural decision | Implementation validation (use fact-checking) |
## Inputs
| Input | Required | Description |
|-------|----------|-------------|
| `document_path` | Yes | Path to understanding or design document to review |
| `focus_areas` | No | Specific areas to prioritize (e.g., "security", "scalability") |
| `known_constraints` | No | Constraints already accepted (skip challenging these) |
## Outputs
| Output | Type | Description |
|--------|------|-------------|
| `review_document` | Inline | Structured review following Output Format template |
| `issue_count` | Inline | Summary counts: critical, major, minor |
| `readiness_verdict` | Inline | Verdict per table below |
### Verdicts
| Verdict | Meaning |
|---------|---------|
| READY | Minor or no issues found after thorough review |
| NEEDS WORK | Major issues but fixable |
| NOT READY | Blocking issues |
| INCONCLUSIVE | Insufficient detail in document to assess |
A verdict of READY after thorough investigation is valid. Fabricating marginal issues to meet a quota degrades trust.
<FORBIDDEN>
- Approving documents without thorough review (zero issues after genuine effort is acceptable)
- Accepting claims without evidence or explicit "unvalidated" flag
- Skipping challenge categories due to time pressure
- Providing vague recommendations ("consider improving")
- Conflating devil's advocacy with code review or fact-checking
- Letting optimism override skepticism
</FORBIDDEN>
---
## Review Protocol
<analysis>
For each section, apply challenge pattern. Classify, demand evidence, trace failure impact.
</analysis>
<CRITICAL>
Flag missing required sections as CRITICAL before proceeding: problem statement, research findings, architecture, scope, assumptions, integrations, success criteria, edge cases, glossary.
</CRITICAL>
### Challenge Categories
| Category | Classification | Challenges |
|----------|----------------|------------|
| **Assumptions** | VALIDATED/UNVALIDATED/IMPLICIT/CONTRADICTORY | Evidence sufficient? Current? What if wrong? What disproves? |
| **Scope** | Vague language? Creep vectors? | MVP ship without excluded? Users expect? Similar code supports? |
| **Architecture** | Rationale specific or generic? | 10x scale? System fails? Dep deprecated? Matches codebase? |
| **Integration** | Interface documented? Stable? | System down? Unexpected data? Slow? Auth fails? Circular deps? |
| **Success Criteria** | Has number? Measurable? | Baseline? p50/p95/p99? Monitored how? |
| **Edge Cases** | Boundary, failure, security | Empty/max/invalid? Network/partial/cascade? Auth bypass? Injection? |
| **Vocabulary** | Overloaded? Matches code? | Context-dependent meanings? Synonyms to unify? Two devs interpret same? |
**Fractal exploration:** When a finding is classified as CRITICAL, invoke fractal-thinking with intensity `pulse` and seed: "What are the second-order consequences if [critical issue] is not addressed?". Use synthesis to add impact chains to CRITICAL findings.
### Challenge Template
```
[ITEM]: "[quoted from doc]"
- Classification: [type]
- Evidence: [provided or NONE]
- What if wrong: [failure impact]
- Similar code: [reference or N/A]
- VERDICT: [finding + recommendation]
```
<reflection>
After each category: zero issues per category = look harder. Apply adversarial mindset.
</reflection>
---
## Output Format
```markdown
# Devil's Advocate Review: [Feature]
## Executive Summary
[2-3 sentences: critical count, major risks, overall assessment]
## Critical Issues (Block Design Phase)
### Issue N: [Title]
- **Category:** [from challenge categories]
- **Finding:** [what is wrong]
- **Evidence:** [doc sections, codebase refs]
- **Impact:** [what breaks]
- **Recommendation:** [specific action]
- **Disposition:** [empty — to be filled by consumer; see "Finding Disposition" below]
## Major Risks (Proceed with Caution)
### Risk N: [Title]
[Same format + Mitigation + Disposition]
## Minor Issues
- [Issue]: [Finding] -> [Recommendation] (Disposition: [empty])
## Validation Summary
| Area | Total | Strong | Weak | Flagged |
|------|-------|--------|------|---------|
| Assumptions | N | X | Y | Z |
| Scope | N | justified | - | questionable |
| Architecture | N | well-justified | - | needs rationale |
| Integrations | N | failure documented | - | missing |
| Edge cases | N | covered | - | recommended |
## Overall Assessment
**Readiness:** READY | NEEDS WORK | NOT READY
**Confidence:** HIGH | MEDIUM | LOW
**Blocking Issues:** [N]
```
### Finding Disposition
Every finding (critical, major, minor) MUST carry a `disposition` field
with one of three values:
| Value | Meaning |
|-------|---------|
| `address` | Finding will shape design changes. Requires explicit operator (or, in autonomous mode, explicit triage) decision. |
| `note_only` | Finding recorded as a known limitation, not designed against. Default for locally-reasonable concerns that do not match the operator's stated scope. |
| `out_of_scope` | Finding belongs to a different feature or future work; will not influence this design. |
**The default disposition is `note_only`, NOT `address`.** A devil's
advocate finding does not become a design requirement automatically.
The consuming skill (typically `feature-discover` Phase 1.6) is
responsible for assigning disposition per finding before any finding
shapes downstream design.
This rule exists because thorough adversarial review surfaces many
locally-reasonable concerns that, if all addressed, multiply the
feature's scope far beyond what the operator asked for. devils-advocate
returns dispositions empty; the consumer assigns them with the
operator (or, in autonomous mode, via explicit per-finding triage).
### Recommendation Validation
For each recommendation:
1. Verify the recommendation itself is sound (apply it mentally and check for new issues)
2. Cite evidence tier supporting the recommendation
3. If recommendation would create new assumptions, flag them
<FORBIDDEN>Proposing a "correction" that has not itself been validated. A wrong recommendation is worse than leaving the original assumption.</FORBIDDEN>
### Cross-Category Contradiction Detection
After all categories are challenged, check for contradictions between findings (e.g., Architecture says "fail-safe" but Edge Cases says "data loss"). Report contradictions explicitly in the review output. Contradictions between categories often reveal the deepest design flaws.
---
## Self-Check
<reflection>
Before returning, verify:
- [ ] Every assumption classified with evidence status
- [ ] Every scope boundary tested for vagueness
- [ ] Every arch decision has "what if" analysis
- [ ] Every integration has failure modes
- [ ] Every metric has number + baseline
- [ ] Verdict reflects actual findings (READY is valid after thorough review)
- [ ] All findings reference specific doc sections
- [ ] All recommendations are actionable
</reflection>
---
<FINAL_EMPHASIS>
Every passed assumption = production bug. Every vague requirement = scope creep. Every unexamined edge case = 3am incident. Thorough. Skeptical. Relentless.
</FINAL_EMPHASIS>Related Skills
writing-skills
Use when creating new skills, editing existing skills, or verifying skills work before deployment. Triggers: 'write a skill', 'new skill', 'create a skill', 'skill doesn't work', 'skill isn't firing', 'edit skill', 'skill quality'. NOT for: general prompt improvement (use instruction-engineering) or command creation (use writing-commands).
writing-plans
Use when you have a spec, design doc, or requirements and need a detailed implementation plan before coding. Triggers: 'write a plan', 'create implementation plan', 'plan this out', 'break this down into steps', 'convert design to tasks', 'implementation order'. Also invoked by develop during planning. NOT for: reviewing existing plans (use reviewing-impl-plans).
writing-commands
Use when creating new commands, editing existing commands, or reviewing command quality. Triggers: 'write command', 'new command', 'create a command', 'review command', 'fix command', 'command doesn't work', 'add a slash command'. NOT for: skill creation (use writing-skills).
verifying-hunches
Use when about to claim discovery during debugging. Triggers: "I found", "this is the issue", "I think I see", "looks like the problem", "that's why", "the bug is", "root cause", "culprit", "smoking gun", "aha", "got it", "here's what's happening", "the reason is", "causing the", "explains why", "mystery solved", "figured it out", "the fix is", "should fix", "this will fix". Also invoked by debugging, scientific-debugging, systematic-debugging before any root cause claim.
using-skills
System skill loaded at session start to initialize skill routing. Not invoked directly by users. Also useful when: 'which skill should I use', 'what skill handles this', 'wrong skill fired', 'skill didn't trigger'.
using-lsp-tools
Use when mcp-language-server tools are available and you need semantic code intelligence. Triggers: 'find definition', 'find references', 'who calls this', 'rename symbol', 'type hierarchy', 'go to definition', 'where is this used', 'where is this defined', 'what type is this'. Provides navigation, refactoring, and type analysis via LSP.
using-git-worktrees
Use when starting feature work that needs isolation from current workspace, or setting up parallel development tracks. Triggers: 'worktree', 'separate branch', 'isolate this work', 'don't mess up current work', 'work on two things at once', 'parallel workstreams', 'new branch for this', 'keep my current work safe'.
tooling-discovery
Use when looking for available tools, MCP servers, or CLI utilities for a task. Triggers: 'what tools do I have', 'is there an MCP for this', 'what's available', 'find a tool for', 'discover tooling', 'what CLI tools exist'. NOT for: documenting existing tools (use documenting-tools).
testing-strategy
Test selection strategy and scope guidance. Triggers: 'which tests should I run', 'test tiers', 'test marks', 'slow tests', 'integration vs unit', 'cross-module regression', 'test scope', 'what should I run', 'select tests', 'test batching'. NOT for: writing tests (use test-driven-development) or fixing broken tests (use fixing-tests).
test-driven-development
Use when user explicitly requests test-driven development. Triggers: 'TDD', 'write tests first', 'red green refactor', 'test-first', 'start with the test'. Also invoked by develop and executing-plans for implementation tasks. NOT for: full feature work (use develop, which includes TDD internally).
tarot-mode
Use when session returns mode.type='tarot', user says '/tarot', or requests roundtable dialogue with archetypes. Triggers: '/tarot', 'use tarot mode', 'roundtable with archetypes', 'tarot personas'. Session-level mode, not task-level.
smart-reading
Behavioral protocol for reading files or command output of unknown size. Loaded automatically for all file reading operations. Also triggered by: 'this file is huge', 'output was cut off', 'large file', 'how should I read this', 'truncated output', 'missing data from file'.