Do This, Not That
Implementation Guardrails
Input Contract
- current app architecture or proposed host framework
- the package imports currently planned
- the boundary you are unsure about
Starter Prompt
text
Audit this plan against system-core guardrails.
Planned imports:
Architecture summary:
Custom modules I intend to add:
Return:
1. what is aligned
2. what violates package boundaries
3. the corrected import paths and ownership model| Do this | Not that |
|---|---|
Use createSystem() for full products | Bootstrap your own duplicate runtime beside createSystem() |
| Import from package exports | Import internal files from core/* in app code |
Use system.auth.authentication and system.auth.sessions for login/session flows | Query Prisma directly for password auth in application routes |
Use system.storage and system.cms.media for media flows | Bolt on a parallel media abstraction without integrating package settings |
Use system.delivery for operator-controlled mail settings | Hardcode downstream mail behavior in feature routes |
| Use the correct framework adapter | Mix framework request objects into module code directly |
| Use client metadata exports for browser/admin surfaces | Ship server-only runtime objects into frontend bundles |
Application Boundaries
- App code should define pages, endpoints, UI, workflows, business rules, and external integrations.
- Package code should own the reusable platform runtime.
Safe Customization
You can extend safely through:
- plugins
- typed event listeners
- hooks
- application routes/controllers
- downstream rendering layers that consume client metadata exports