aos-review
/aos-review
Select the files to review (or paste code), then run /aos-review.
What gets checked
Architecture
- Business logic in services — not in controllers, components, or route handlers
- Controllers delegate in one line, no logic
- No direct DB access in controllers or UI components
- DTOs used for all API inputs/outputs — no raw entity objects exposed
- Feature-based folder structure — grouped by domain, not technical layer
Type safety
- No
anyin TypeScript - All function parameters and return types declared
- Domain IDs use branded types
More from riz007/architect-os
aos-feature
Generates a complete vertical feature slice following ArchitectOS patterns — service, controller, repository interface, DTOs, and unit tests in one pass. Use when user wants to generate, add, or implement a feature, endpoint, module, or domain entity.
1aos-audit
Security audit that checks code against ArchitectOS security rules — auth, input validation, secrets, SQL injection, IDOR, XSS, and more. Reports HIGH/MEDIUM/LOW findings with risk descriptions and fixes. Use when user asks for a security review, security audit, or to check for vulnerabilities. Always trigger before PRs that touch auth, payments, or file uploads.
1aos-setup
One-time setup that configures ArchitectOS for the current project. Detects the stack, writes AI tool configs (.cursorrules, .windsurfrules, copilot-instructions.md), and shows which commands are available. Use when user runs /aos-setup, opens a new project, or wants ArchitectOS standards applied to their codebase.
1aos-scaffold
Creates a new project from an ArchitectOS template — folder structure, config files, and dependencies included. Use when user wants to start a new project, scaffold a service, bootstrap an app, or says "create a new <stack> app/service/api".
1