Conference Notes

Took notes with Claude and this summary was generated by Claude

Dates: 28-30 January 2026
Role: Volunteer

Table of Contents

• Talks Attended
• Key Tools & Resources
• MCP Server Recommendations
• Contacts
• Key Takeaways

Talks Attended

1. Beyond Pub/Sub: Advanced Messaging Patterns

Speaker: Poornima Nayar
Time: Wednesday 11:40-12:40, Room 2
Link: https://ndclondon.com/agenda/beyond-pubsub-advanced-messaging-patterns-07od/0opisnwzfkt

Key Patterns Documented:

Outbox Pattern
Ensures atomicity between database writes and message publishing.
Resource: https://microservices.io/patterns/data/transactional-outbox.html

Saga Pattern
Coordinates long-running workflows (minutes to days). Two variants:

• Orchestration: Central coordinator between service boundaries
• Choreography: Event-driven within service boundary

AWS Step Functions implements orchestration variant.
Resources:

• https://learn.microsoft.com/en-us/azure/architecture/reference-architectures/saga/saga
• https://aws.amazon.com/step-functions/

Scatter-Gather Pattern
Parallelise work, fan-out/collect replies, short-lived.
Resource: https://www.enterpriseintegrationpatterns.com/patterns/messaging/BroadcastAggregate.html

Competing Consumers
Solves throughput pressure.
Resource: https://learn.microsoft.com/en-us/azure/architecture/patterns/competing-consumers

Retry Strategies

• Immediate retries
• Delayed retry
• Systemic exceptions → error queue

Error Queue Management
Dead Letter Queues (DLQs) enable investigation/recovery.
Resource: https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-dead-letter-queues.html

Pinball Architecture
Mentioned (details pending)

Pattern Selection Guidance:

• Outbox = correctness
• Idempotency = insurance
• Sagas = business workflows not CRUD
• Scatter-Gather = parallelising work
• Competing Consumers = throughput
• Retries/error queues/back pressure = safety

Relevance: Directly applicable to public sector operational resilience. Experience with AWS Step Functions validated understanding of Saga orchestration pattern.

2. Anatomy of an Incident (featuring CrowdStrike)

Speaker: Liam Westley (Head of Engineering at FreemarketFX fintech)
Time: Wednesday 11:40-12:40, Room 2
Link: https://ndclondon.com/agenda/anatomy-of-an-incident-featuring-crowdstrike-0jpk/2b70d36fec8b
Tags: Security, People, Soft Skills

Session Overview:

Builds on speaker's NDC London 2022 talk on incident handling. July 2024 CrowdStrike incident tested their 3-year refined incident plan.

Covers:

• Incident plan structure review
• Timeline from Post Incident Review (PIR)
• What worked
• Plan tweaks for future

Career includes: chellomedia, GMTV, BSkyB, SmashedAtom.

3. The New Frontend Toolkit: Popover API, Dialog, and Next-Gen CSS

Speaker: Eric Veliyulin (Frontend specialist at Forte)
Time: Wednesday 13:40-14:40, Room 5
Link: https://ndclondon.com/agenda/the-new-frontend-toolkit-popover-api-dialog-and-next-gen-css-0vq5/0svlcd5xmx7
Tags: Web, JavaScript, UI

Problem Statement:

Developers still use third-party libraries for menus/modals/overlays, but native solutions now exist via Popover API and Dialog element. Almost no one using them.

Session Content:

• Live-coding examples
• Bleeding-edge CSS innovations
• How new CSS + HTML capabilities create cleaner, more elegant, flexible UIs
• Goal: Inspire immediate adoption

4. Usability Testing is Easier Than You Think

Speaker: Jo Minney (Small business founder, technical communicator, Perth WA)
Time: Wednesday 15:00-16:00, Room 5
Link: https://ndclondon.com/agenda/usability-testing-is-easier-than-you-think-0hio/021t3vm4l5k
Tags: Testing, UX

Key Points:

• Developers assume customers use technology as expected - they never do
• Anyone can learn qualitative usability testing
• Make massive improvements quickly and cheaply
• Important distinction: 'user testing' ≠ 'usability testing'
• UX researcher secrets to take projects from good to great
• Most cost-effective UX research method

Speaker Background:

• Nielsen Norman certified UX research consultant
• Microagency: Bespoke digital platforms for charities/NGOs
• Mission Digital volunteer (gender inequality, domestic violence, global poverty via tech)
• Trained hundreds of Australian small business owners (federally funded workshops)
• Ambassador/sponsor/lead mentor: She Codes Australia
• Women in Tech WA Shining Star award
• International speaker: UX, accessibility, imposter syndrome, gender gap, pockets
• Maker: 3D printing, sewing, woodworking

5. Prompt Failures and Latency Spikes: Observability for AI

Speaker: Prerit Munjal (CTO, KubeCloud)
Time: Wednesday 16:20-17:20, Room 5
Link: https://ndclondon.com/agenda/prompt-failures-and-latency-spikes-observability-for-ai-0ud4/0zbj35ju4jr
Tags: AI, Cloud, DevOps, Tools

Problem Statement:

Traditional logs/metrics insufficient for debugging AI agents with unexpected responses. AI observability requires understanding prompts, latencies, retries, hallucinations, token usage, model behaviour under pressure.

Session Content - OpenLit:

Lightweight CNCF tool for LLM/agent workloads:

• Track/debug prompt chains across orchestration layers
• Visualise token usage and latency distributions per workflow step
• Monitor agent reasoning patterns
• Performance dashboards beyond CPU/memory (model selection, response variability, input size trends)

Use cases:

• RAG systems
• Multi-step AI agents
• Chatbot debugging

Accessible: No PhD in tracing or LLM internals required.

Speaker Background:

CTO of KubeCloud (umbrella company, multiple Cloud-Native products). Designs resilient architectures that scale while prioritising cost, security, availability, end-user experience.

Relevance: Directly applicable to IBM RAG and Agentic AI Professional Certificate work and AI development experimentation. OpenLit worth exploring for AI projects.

6. AI Agents Need Permission Slips

Speaker: Heather Downing
Time: Thursday 16:20-17:20, Room 2
Link: https://ndclondon.com/agenda/ai-agents-need-permission-slips-0hm0/0gk6h5107zb
Tags: Security, AI, Architecture, DevOps

Problem Statement:

MCP servers connect AI agents to enterprise systems, but examples lack specific access permissions. Works until assistant reorganises file system or emails entire customer database.

Core Message: "Giving AI agents broad permissions = giving toddler car keys."

Key Content:

ABAC Evolution (Attribute-Based Access Control):

Decision based on:

• WHO: Agent identity + user context (agent type, department, clearance)
• WHAT: Resource type + sensitivity level (resource type, sensitivity, status)
• WHEN: Time of day + request frequency
• WHERE: Environment + geographic location
• WHY: Business justification + risk score (business context, agent history)

Note: "Context changes everything - same request at 3 AM from coffee shop? DENY"

The Permission Slip Framework: 5 Steps to Deploy Agents Safely

1. Start with Least Privilege

   • Deny by default
   • Allowlist minimally
   • Scope to resources

2. Implement Approval Gates

   • Identify checkpoints
   • Use interrupts
   • Human = ultimate arbiter

3. Use Modern Authorization

   • OAuth 2.1 + scopes
   • ABAC for context
   • External policy engines

4. Build Observability In

   • Audit trail everything
   • Explainability
   • Reversibility

5. Separate Environments

   • Dev/staging/prod
   • Automatic separation
   • Test in sandbox

Speaker Background:

Passionate coder and entrepreneur. Experience: .NET, mobile apps, voice interfaces, IoT, databases. Focus: Coding for humans, right tool for job. Fortune 500 experience building enterprise mobile/.NET applications. Conference speaker supporting new developers. Competitive equestrian learning mounted archery.

Relevance: ABAC model significantly more sophisticated than RBAC - considers full context (who/what/when/where/why). Critical for AI agent security in production.

7. Meditations on Code As Art

Speaker: David Whitney
Time: Thursday 17:40-18:40, Room 3
Link: https://ndclondon.com/agenda/meditations-on-code-as-art-0ylg/0vuo674cdt8
Tags: Architecture, Ethics, Fun, People

Session Theme:

Can code deliberately be artistic? Despite how important and prolific software has become, the general public still have loose understanding of what software is. This hasn't been lost on developers, who try to capture themselves in the work they do.

Session Explores:

• Examples through history of seeing humans behind the code
• Whether it's possible to deliberately make art by manipulating form and design of software itself
• A talk for everyone wanting to be seen in the work, or understand their own creative urge

Notes from Session:

Apollo 11 Example: David mentioned that the function name "burn baby burn" was in the software for the 1969 Apollo mission. Discussed possible origin of the phrase in the Apollo codebase.

Key Theme: Fascinating intersection of software craftsmanship, history, and human expression in code. Developers leave traces of themselves and their culture in software, from NASA missions to modern applications.

8. How I Tamed Claude

Speaker: Rendle (CTO of XRAI)
Time: Friday 13:40-14:40, Room 1
Link: https://ndclondon.com/agenda/how-i-tamed-claude-0bb7/0fn2zo3kfbo
Tags: AI, Architecture, Machine Learning, Tools, Work skills, Cross-Platform

Speaker Background:

CTO of XRAI, on mission to subtitle the world and help people communicate with "magic glasses". Uses skills from professional stand-up comedy to deliver entertaining and informative talks. Recently learned bass to join tech parody band The LineBreakers.

Context Note: Talk submitted 6 months ago, had to change many times due to rapid rate of change in AI coding tools.

The Complete Four Personas Workflow:

Rendle's workflow involves creating 4 specialized personas for Claude using Claude Desktop to craft system prompts for each role:

1. Analyst: "Gather and clarify requirements"

   • Asks questions to understand what's needed
   • Produces REQUIREMENTS.md document

2. Architect: "Specification and Implementation plan"

   • Takes requirements document
   • Designs solution architecture
   • Creates detailed implementation plan
   • Produces architecture specs and technical plan

3. Developer: "Execute the plan"

   • Takes architecture and implementation plan
   • Writes actual code
   • Implements solution according to specifications
   • Produces working code

4. Reviewer: "Check generated code"

   • Reviews code created by Developer
   • Validates quality/correctness/security
   • Provides feedback for improvements
   • Produces code review feedback and approval

The Complete Pipeline:

Analyst → REQUIREMENTS.md → Architect → SPECS.md/PLAN.md → Developer → CODE → Reviewer → FEEDBACK

Workflow Advantages:

• Clear separation of concerns (each persona has one job)
• Structured handoffs (documents flow between personas with clear contracts)
• Context management (each persona works in focused context window)
• Human oversight points (can review/adjust at each handoff)
• Quality gates (Reviewer catches issues before production)
• Reproducibility (can re-run any stage with updated inputs)
• Parallel work (could potentially run multiple Developers with same specs)

System Prompt Creation Process:

Uses Claude Desktop to meta-prompt: "Create a system prompt for a [Persona] that [specific role description]"

Comparison to Traditional SDLC:

This mirrors the traditional Software Development Life Cycle but with AI agents:

• Analyst = Business Analyst/Requirements Engineer
• Architect = Solution Architect/Technical Lead
• Developer = Software Developer/Engineer
• Reviewer = Code Reviewer/QA

Key Innovation: Instead of trying to make one agent do everything (which leads to context overload and quality issues), Rendle creates a specialized agent pipeline that mimics proven human software development patterns.

Application: This is brilliant - applying Conway's Law in reverse. Instead of letting org structure dictate system architecture, structuring AI agents according to natural boundaries of software development process. Each agent has clear interface (document format) and responsibility, making system more maintainable, debuggable, and reliable. Perfect for government work where auditability, clear ownership, and ability to explain what happened at each stage are essential.

9. Resilient by Design

Speaker: Chris Ayers (Senior Software Engineer at Microsoft)
Time: Friday 15:00-16:00, Room 5
Link: https://ndclondon.com/agenda/resilient-by-design-0nqr/1d48800e63da
Tags: Architecture, Cloud, Microservices, Microsoft, Testing, Tools, Web

Session Description:

A truly resilient Azure infrastructure does more than withstand disruptions—it keeps applications running smoothly, no matter what. Remember: failure is always an option, but there are ways to reduce its impact.

Session Coverage:

Core Principles of Resilience:

• Foundational concepts that support any robust Azure environment
• Practical steps to strengthen cloud infrastructure

Azure's Resilience Toolkit:

• Full range of Azure services and features that boost fault tolerance and uptime
• Beyond chaos experimentation

Real-World Strategies:

• Proven scenarios and best practices
• Building and maintaining sturdy Azure solutions that stand up to real-life challenges

Speaker Background:

Chris Ayers is a Senior Software Engineer at Microsoft, where he builds AI-driven tooling to analyse outages and incidents across Azure. His work focuses on improving the way engineers understand failures, uncover risks, and strengthen reliability at cloud scale.

Background spans DevOps, cloud architecture, and modern application design. He's a frequent international speaker who shares real-world lessons about developer productivity, reliability, containers, and automation. Outside of work: proud dad, lifelong gamer, avid reader, and unapologetic nerd.

Team: Azure CXP (Customer Experience Platform) AzRel (Azure Reliability)

Tools/Resources Mentioned:

uptime.is - https://uptime.is
Tool for calculating what your uptime percentage actually means. Helps translate availability percentages into real downtime:

• 99% uptime = 3.65 days downtime per year
• 99.9% uptime = 8.76 hours downtime per year
• 99.99% uptime = 52.56 minutes downtime per year
• 99.999% uptime = 5.26 minutes downtime per year

Why it matters: Helps teams understand the true cost/effort required to achieve different availability targets. The jump from 99% to 99.99% is not just a couple of nines—it's a massive engineering effort.

Azure Well-Architected Framework
Microsoft's framework (similar to AWS Well-Architected Framework). Six pillars:

1. Operational Excellence
2. Security
3. Reliability
4. Performance Efficiency
5. Cost Optimization
6. Sustainability (recently added)

Note: AWS created the original Well-Architected Framework in 2014; Azure followed with their version. Core five pillars are nearly identical across both cloud providers. The principles are largely cloud-agnostic.

Chris's Additional Resources:

Azure Architecture Centre
https://learn.microsoft.com/en-us/azure/architecture/

Microsoft's official catalog of solution ideas, example workloads, and reference architectures. Contains:

• Reference Architectures (complete end-to-end)
• Architecture Patterns (specific features)
• Best Practices
• Technology Decision Guides
• Cloud Design Patterns
• Downloadable Diagrams & Icons

Azure Proactive Resiliency Library (APRL)
https://aka.ms/aprl

Curated catalog of resiliency recommendations for Azure workloads. Contains:

• Service-specific recommendations
• Azure Resource Graph (ARG) queries to scan environments
• Workload-specific guidance
• PowerShell automation tools (Collector, Analyzer, Reports)

How it works:

1. Run collector tool against Azure subscription
2. Executes ARG queries to find non-compliant resources
3. Get Excel spreadsheet showing issues
4. Generate PowerPoint reports for stakeholders

Azure Verified Modules (AVM)
https://aka.ms/AVM

Microsoft's official, standardised Infrastructure-as-Code (IaC) modules. Available in:

• Bicep (Bicep Public Registry)
• Terraform (HashiCorp Terraform Registry)

Module types:

1. Resource Modules: Single Azure resources with best practices
2. Pattern Modules: Multiple resources for common architectures
3. Utility Modules: Reusable functions/routines

Benefits:

• Officially supported by Microsoft
• Regularly updated
• Well-Architected by default
• Tested and documented
• Saves significant development time

Azure Review Checklists
Additional tool/resource mentioned. Likely checklists for manually reviewing Azure architecture against Well-Architected Framework principles.

Enterprise Web Apps
Resource mentioned on final slide.

How They Work Together:

1. Azure Architecture Centre → Shows you what to build (reference architectures)
2. APRL → Checks if what you built is resilient (scanning + recommendations)
3. Azure Verified Modules → Gives you how to build it properly from the start (IaC templates)

Ideal Workflow:

1. Find your architecture pattern in Azure Architecture Centre
2. Implement it using Azure Verified Modules (already resilient by design)
3. Run APRL scans to validate and find any gaps
4. Fix issues and maintain over time

Contact Information:

• Role: Senior Software Engineer, Azure CXP AzRel, Microsoft
• Website/Blog: https://chris-ayers.com/
• BlueSky: @chris-ayers.com
• LinkedIn: chris-l-ayers
• GitHub: Codebytes
• Mastodon: @Chrisayers@hachyderm.io

Key Tools & Resources

Messaging & Architecture Patterns

• Outbox Pattern: https://microservices.io/patterns/data/transactional-outbox.html
• Saga Pattern: https://learn.microsoft.com/en-us/azure/architecture/reference-architectures/saga/saga
• AWS Step Functions: https://aws.amazon.com/step-functions/
• Scatter-Gather: https://www.enterpriseintegrationpatterns.com/patterns/messaging/BroadcastAggregate.html
• Competing Consumers: https://learn.microsoft.com/en-us/azure/architecture/patterns/competing-consumers
• Dead Letter Queues: https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-dead-letter-queues.html

AI Observability

• OpenLit: CNCF tool for LLM/agent workload observability

Azure Resources

• uptime.is: https://uptime.is - Calculate real downtime from uptime percentages
• Azure Architecture Centre: https://learn.microsoft.com/en-us/azure/architecture/
• Azure Proactive Resiliency Library (APRL): https://aka.ms/aprl
• Azure Verified Modules (AVM): https://aka.ms/AVM
• Azure Well-Architected Framework: Official Microsoft framework documentation
• Azure Review Checklists: Architecture review checklists

Well-Architected Frameworks

Azure Well-Architected Framework (6 pillars):

1. Operational Excellence
2. Security
3. Reliability
4. Performance Efficiency
5. Cost Optimization
6. Sustainability

AWS Well-Architected Framework (6 pillars):

1. Operational Excellence
2. Security
3. Reliability
4. Performance Efficiency
5. Cost Optimization
6. Sustainability

Note: Core five pillars are nearly identical. AWS created the original in 2014; Azure followed. Principles are largely cloud-agnostic - implementation differs (AWS vs Azure services).

MCP Server Recommendations

From Rendle's "How I Tamed Claude" Talk

1. Serena MCP Server

What it is: Free, open-source AI coding agent toolkit providing semantic code understanding through Language Server Protocol (LSP) integration.

Installation:

claude mcp add serena -- uvx --from git+https://github.com/oraios/serena serena start-mcp-server --context ide-assistant --project $(pwd)

Why it's recommended:

• Symbol-level intelligence: Understands functions, classes, variables across codebase
• Semantic search: Finds code by what it does, not just text matching
• IDE-like capabilities: Jump to definitions, find references, rename symbols
• Token efficiency: Retrieves only relevant code instead of dumping entire files
• Free alternative to Cursor/Windsurf subscriptions

Key Features:

• Automatic language server installation for Python, TypeScript, Rust, Go, Java, and 12+ languages
• Creates project "memories" during onboarding
• Web dashboard for monitoring operations
• Users report: "90% of Cursor/Windsurf functionality without subscription costs"

How it works:

# Instead of: "Search for 'authentication' in all files"
# You ask: "Where do we handle user authentication?"
# Serena understands semantic meaning and finds all related code

Use Cases:

• "Find all functions that validate user input"
• "Show me the authentication flow"
• "Explain the relationship between these classes"
• "Refactor this module for better separation of concerns"

GitHub: https://github.com/oraios/serena
Documentation: https://oraios.github.io/serena/

2. Context7 MCP Server

What it is: MCP server providing real-time, version-specific documentation for libraries and frameworks, injected directly into Claude's context.

Installation:

claude mcp add context7 -- npx -y @upstash/context7-mcp@latest

Why it's recommended:

• No hallucinated APIs: Gets current official documentation
• Version-specific: Works with the exact version you're using
• No context switching: Documentation comes to you
• Fast: Millisecond response times

Key Features:

• Fetches up-to-date docs from official sources
• Automatic version detection
• Works across platforms (Claude Code, Cursor, Windsurf, Claude Desktop)
• Free to use (optional API key for higher rate limits)

How it works:

# Add "use context7" to your prompts
> Create a Next.js middleware that checks for JWT. use context7

# Or better: Set up auto-invoke in CLAUDE.md
> Always use Context7 MCP when I need library/API documentation

# Then just ask naturally:
> How do I set up Prisma with PostgreSQL?
# Context7 fetches current Prisma docs automatically

Specific library syntax:

# Tell it exactly which library to use:
> Implement authentication with Supabase. use library /supabase/supabase

# Request specific version:
> How do I set up Next.js 14 middleware?

GitHub: https://github.com/upstash/context7
Website: https://context7.com

Why These Two Together?

Rendle's recommendation of both Serena and Context7 creates a powerful combination:

The Complete Setup (Rendle's Recommended Stack)

# 1. Install Serena (semantic code understanding)
claude mcp add serena -- uvx --from git+https://github.com/oraios/serena serena start-mcp-server --context ide-assistant --project $(pwd)

# 2. Install Context7 (current documentation)
claude mcp add context7 -- npx -y @upstash/context7-mcp@latest

# 3. Create a slash command to tie it together
# .claude/commands/go.md:
---
name: go
description: Start working on a task with full context
---

Always use:
- serena for semantic code retrieval and editing
- context7 for up-to-date documentation on third-party code

Read the CLAUDE.md file before you do anything.

$ARGUMENTS

Then in Claude Code:

claude
> /go implement OAuth with Supabase

This gives Claude:

• Serena: Understanding of your existing codebase structure
• Context7: Current Supabase OAuth documentation
• CLAUDE.md: Your project conventions

Real-World Impact

One developer's report:

"60-70% time savings on complex features. The combination of Serena understanding my codebase and Context7 providing current docs means Claude writes code that actually works and follows our patterns."

These MCP servers align perfectly with Rendle's four-persona workflow:

• Analyst: Can use Context7 to research library capabilities
• Architect: Can use Serena to understand existing architecture
• Developer: Needs both - Serena for context, Context7 for APIs
• Reviewer: Can use Serena to understand symbol relationships

Technical Deep-Dives Discussed

Claude Code - Recent Major Updates

Version 2.1.0 Release (January 2026) - Major Update:

• 1,096 commits with substantial infrastructure improvements
• Hooks for agents, skills, and slash commands (PreToolUse, PostToolUse, Stop logic)
• Hot reload for skills - new/updated skills available immediately without restart
• Native VS Code extension with fresh UI
• Added /rewind command to undo code changes
• Added /usage command to see plan limits

MCP Tool Search - "Lazy Loading" (Mid-January 2026):
Revolutionary change to how Claude Code manages tools:

• Previously: Loaded ALL tool definitions upfront, consuming massive context (e.g., 134k tokens)
• Now: Loads lightweight search index, fetches tool definitions only when needed (down to ~5k tokens)
• Detects when tool descriptions would consume >10% of context and automatically switches strategies
• Removes "soft cap" on agent capabilities - can now access thousands of tools without context penalty
• Dramatically improves agent "memory" of conversation

Model Improvements:

• Claude Opus 4.5 (November 2025) marked inflection point for autonomous coding
• Thinking mode now enabled by default for Opus 4.5
• Significantly improved at long-horizon coding tasks
• Higher pass rates on tests whilst using up to 65% fewer tokens

Setting System Prompts in Claude Code

Primary Methods:

1. CLAUDE.md Files (Most Common) - Hierarchical:

   • Global: ~/.claude/CLAUDE.md (applies to all projects)
   • Project: CLAUDE.md in project root (shared with team, checked into git)
   • Local: CLAUDE.local.md (personal, git-ignored)

2. Command Line Flag: claude --append-system-prompt "instructions"

3. Settings JSON: In .claude/settings.json or ~/.claude/settings.json

4. Custom Slash Commands: Create .claude/commands/your-command.md

5. Hooks: In .claude/settings.json for automated actions

Important Notes:

• Claude Code's internal system prompt is not published
• Can't replace it, only append to it
• Claude Code's base prompt already contains ~50 instructions
• Adding too many more will decrease compliance uniformly
• Focus on universal, high-value instructions

Best Practices for CLAUDE.md:

• Keep it focused
• Structure as WHY, WHAT, HOW
• Less is more - quality over quantity
• Don't try to list every possible command

OpenSpec vs Claude Code Plans

Claude Code Plans (Built-in):

• Native feature (use /plan mode)
• Creates structured implementation task lists
• Lives within Claude Code session
• Lightweight, session-focused

OpenSpec (External Framework):

• Separate CLI tool/framework (npm install)
• Works across 20+ AI tools (Claude Code, Cursor, Cline, GitHub Copilot, etc.)
• More formal, structured spec-driven development
• Creates permanent documentation artifacts
• "Brownfield-first" - designed for existing codebases

OpenSpec Workflow:

1. Proposal (/openspec:proposal) - Create change proposal
2. Fast-forward (/openspec:ff) - Generate all planning docs: proposal.md, specs/, design.md, tasks.md
3. Apply (/openspec:apply) - Implement the tasks
4. Archive (/openspec:archive) - Move to archive and consolidate into permanent specs

Key Differences:

• Scope: Plans = session-based, OpenSpec = project-lifetime
• Portability: Plans = Claude Code only, OpenSpec = works across tools
• Artifacts: Plans = task list in chat, OpenSpec = multiple markdown files
• Permanence: Plans = disappears with session, OpenSpec = permanent, git-tracked
• Best For: Plans = quick features/iteration, OpenSpec = complex features/team coordination/long-term knowledge

Claude Code Subagents for Rendle's Four Personas

Implementation: Create four subagents using /agents command or manually create files in .claude/agents/:

• analyst.md (tools: Read, Write, Grep, WebSearch, WebFetch, model: sonnet)
• architect.md (tools: Read, Write, Grep, Glob, model: opus)
• developer.md (tools: Read, Write, Edit, Bash, Grep, Glob, model: sonnet)
• reviewer.md (tools: Read, Grep, Glob, Bash, model: sonnet)

Workflow in Action:

> Use the analyst agent to gather requirements for a user authentication system
# Analyst produces REQUIREMENTS.md

> Now use the architect agent to design the solution based on REQUIREMENTS.md
# Architect produces ARCHITECTURE.md and IMPLEMENTATION_PLAN.md

> Use the developer agent to implement the authentication system
# Developer writes the code

> Use the reviewer agent to review the implementation
# Reviewer provides feedback

Advantages Over Rendle's Approach:

• Context Switching: Manual (switch between Claude Desktop projects) vs Automatic (Claude delegates)
• State Management: Manual (copy/paste documents) vs Automatic (files in project)
• Team Sharing: Share system prompts separately vs Git-tracked in .claude/agents/
• Invocation: Remember which persona to use vs Claude chooses automatically
• Tool Access: All tools per persona vs Restricted per role

Pro Tips:

• Use Different Models: Analyst/Developer/Reviewer = Sonnet, Architect = Opus
• Restrict Tools: Analyst (Read, Write, WebSearch), Architect (Read, Write, Grep), Developer (All tools), Reviewer (Read, Grep, Bash)
• Color-Code Them: Assign distinct colors to visually track which agent is working

Conclusion: Claude Code subagents are much better implementation of Rendle's concept. They provide same role separation, better automation, better state management, better team collaboration, better isolation, better security.

Skills vs Slash Commands in Claude Code

Core Difference:

• Slash Commands = Manual invocation (you type /command-name)
• Skills = Automatic invocation (Claude decides when to use them)

Detailed Comparison:

When to Use Each:

Use Slash Commands When:

• You want explicit control over when it runs
• Repeatable workflows you run frequently
• Commands with variable inputs (e.g., /create-controller user)
• Deployment, testing, or formatting tasks
• You want fast, predictable execution

Examples: /deploy production, /create-component Button, /run-tests unit, /format-code, /git-commit

Use Skills When:

• You want Claude to automatically apply knowledge
• Domain-specific conventions that should always be followed
• Background context Claude needs when relevant
• Need to bundle code/scripts with instructions
• Want to share across platforms (web, desktop, Code)

Examples: API design patterns, security best practices, testing conventions, code style guides, legacy system documentation

The Reliability Problem:
Skills don't always activate reliably. Many developers report:

• Skills don't trigger when expected
• Having to explicitly say "use your X skill"
• Defaulting to slash commands for predictability

Consensus: Start with slash commands, use skills for passive knowledge.

Important Update: v2.1.3 Merge (January 2026):
As of Claude Code v2.1.3, slash commands have been merged into the skills system. Old slash commands in .claude/commands/ still work, but now they're part of unified skills system.

New unified format:

• Without disable-model-invocation: true → Skill (automatic)
• With disable-model-invocation: true → Slash command (manual)

Real-World Usage Pattern:
Most experienced developers follow:

1. CLAUDE.md (project conventions, always active)
2. Skills (API conventions, security patterns, domain knowledge - Claude decides when to apply)
3. Slash Commands (/deploy, /create-component, /run-tests - you explicitly invoke)

The Bottom Line:

• Slash commands = "I want to run this now" (deterministic)
• Skills = "Claude should know this" (probabilistic)

Contacts

Chris Ayers

Role: Senior Software Engineer, Azure CXP AzRel, Microsoft
Team: Azure Customer Experience Platform - Azure Reliability
Work: Builds AI-driven tooling to analyse outages and incidents across Azure

Contact:

• Website/Blog: https://chris-ayers.com/
• BlueSky: @chris-ayers.com
• LinkedIn: chris-l-ayers
• GitHub: Codebytes
• Mastodon: @Chrisayers@hachyderm.io

Key Takeaways

Architecture & Resilience

1. Messaging Patterns are Critical

   • Don't just use pub/sub - understand Outbox, Saga, Scatter-Gather patterns
   • Pattern selection drives operational resilience
   • AWS Step Functions validates Saga orchestration understanding

2. Failure is Always an Option

   • Design for failure, not just success
   • Use uptime.is to understand real impact of availability targets
   • 99% vs 99.99% is massive engineering effort difference

3. Azure Resilience Ecosystem

   • Architecture Centre: Reference architectures for what to build
   • APRL: Automated scanning to validate resilience
   • Azure Verified Modules: Pre-built, battle-tested IaC
   • All three work together for comprehensive resilience strategy

AI & Agent Development

4. Specialized Agent Pipelines > Single Agent

   • Rendle's four-persona approach (Analyst → Architect → Developer → Reviewer)
   • Mimics proven human SDLC patterns
   • Clear separation of concerns, better context management
   • Claude Code subagents are native implementation of this pattern

5. MCP Servers are Game-Changers

   • Serena: Semantic code understanding (90% of Cursor functionality, free)
   • Context7: Real-time, version-specific documentation
   • Together eliminate: outdated APIs, context overload, poor code quality

6. AI Agents Need Proper Security

   • ABAC > RBAC for AI agents
   • Consider WHO, WHAT, WHEN, WHERE, WHY
   • "Giving AI agents broad permissions = giving toddler car keys"
   • Build in observability, approval gates, least privilege

Development Practice

7. Native Web APIs are Here

   • Popover API and Dialog element exist
   • Better accessibility than JS libraries
   • Progressive enhancement opportunity

8. Usability Testing is Essential

   • Most cost-effective UX research method
   • User testing ≠ usability testing
   • Critical for government digital services

9. AI Observability Matters

   • Traditional logs insufficient for AI agents
   • OpenLit for LLM/agent workload monitoring
   • Essential for RAG systems, multi-step agents

Incident Management

10. Incident Plans Need Testing
    • CrowdStrike incident validated 3-year refined plan
    • Post-incident reviews drive improvements
    • Public sector must have robust incident processes

Cross-Framework Knowledge

11. Cloud Frameworks are Similar

    • AWS and Azure Well-Architected Frameworks share 5 core pillars
    • Principles are cloud-agnostic
    • Understanding one makes learning other straightforward

12. Code is Human Expression

    • "burn baby burn" in Apollo 11 code
    • Developers leave traces of themselves in code
    • Software is human, not just functional

Tools & Productivity

13. Claude Code Evolution

    • MCP Tool Search revolutionized context management (134k → 5k tokens)
    • Opus 4.5 inflection point for autonomous coding
    • Skills vs slash commands: Use both strategically

14. Infrastructure as Code Maturity

    • Azure Verified Modules set standard
    • Officially supported, regularly updated
    • Evolution from CARML/TFVM to unified AVM

Government/Public Sector Relevance

High Priority Applications:

• Operational resilience patterns (messaging, incident management)
• Azure Well-Architected Framework for cloud deployments
• APRL for automated resilience validation
• AI agent security (ABAC) for increasing AI adoption
• Usability testing for user-centred digital services
• MCP servers (Serena, Context7) for development productivity

Strategic Value:

• Well-Architected Framework aligns with GDS principles
• APRL provides automated compliance checking
• Azure Verified Modules reduce delivery time
• Incident management lessons from CrowdStrike
• Native web APIs support progressive enhancement

Next Steps

Immediate Actions:

1. Install Serena and Context7 MCP servers in Claude Code
2. Test Rendle's four-persona workflow using Claude Code subagents