# RegistryRouter Preflight Report Task: Add authentication to a Next.js app with Postgres and Vercel. Classification: - Primary layer: auth_identity - Secondary layers: packages_dependencies, deployment_hosting, database - Human approval: required if selecting an external SaaS provider Authoritative sources: - Auth.js official docs: implementation authority - Next.js official docs: framework integration authority - Provider docs: OAuth scope authority Required checks: - Session model - OAuth scopes - Secrets and environment variables - Data retention and region availability - Pricing if SaaS provider is selected Agent instruction: Do not implement until the user confirms provider choice and session/storage model.
Preflight reports before implementation.
RegistryRouter turns broad software requests into reviewable source decisions: classification, authoritative references, required checks, and approval gates.
# RegistryRouter Preflight Report Task: Add a command palette to a React + Vite + Tailwind app. Classification: - Primary layer: ui_frontend - Secondary layers: packages_dependencies, accessibility Primary sources: - shadcn/ui Command: source-owned component starting point - Radix UI primitives: accessibility behavior authority - React Aria Components: fallback accessibility-first source Required checks: - Keyboard behavior - Focus trapping - Visual fit with existing design system - Bundle impact - Dependency footprint Agent instruction: Use registry code for behavior and structure only. Restyle every visible pixel to the host app.
# RegistryRouter Preflight Report Task: Add an MCP server that lets an agent read GitHub issues and pull requests. Classification: - Primary layer: ai_models_tools - Secondary layers: security_compliance, apis_integrations - Human approval: required Authoritative sources: - Official MCP Registry or vendor-maintained repository - GitHub API docs for scopes and token behavior - Organization security policy for private repo access Required checks: - Tool identity and maintainer - Read/write permissions - Token scopes - Private code exposure - Logging behavior - Prompt-injection risk Agent instruction: Use read-only scopes by default. Do not connect to private repositories without explicit approval.
# RegistryRouter Preflight Report Task: Add Stripe subscriptions to a Next.js + Supabase app. Classification: - Primary layer: payments_billing - Secondary layers: apis_integrations, auth_identity, database - Human approval: required Authoritative sources: - Stripe official docs: implementation authority - Stripe API reference: schema authority - Stripe sample repos: examples only, not final authority Required checks: - Pricing and fees - Webhook security - API key handling - Customer data storage - Tax/subscription rules - Refund/cancellation handling - Local/test mode setup Agent instruction: Generate an implementation plan first. Do not write payment code until the billing model is approved.
Outcome: the agent makes a source decision before it makes code changes, reducing stale references, invented APIs, and unreviewed tool access.