Use this when the team knows tech debt exists but can't articulate what it is, how bad it is, or what to fix first. Also use when an engineering lead needs to make the case for debt reduction to product or business stakeholders. Produces a categorized debt inventory with impact scores, a prioritized remediation roadmap, and a stakeholder-ready summary.
Related skills: Use
/delivery-diagnoseif the symptom is declining velocity -- tech debt may be one of several root causes. Pair with/migration-planwhen a debt item requires a major system migration. Use/code-reviewfor per-PR debt identification. Feed remediation priorities into/technology-roadmapto incorporate debt work into the technology investment plan.
Process
Step 1: Gather inputs
Ask the user to provide:
- System or codebase scope -- what's being assessed? A single service, a monolith, a platform, the whole stack?
- Known pain points -- what slows the team down? What do engineers complain about? What's fragile?
- Recent incidents -- any production issues caused or worsened by tech debt?
- Team size and tenure -- how many engineers? How long have they been on this codebase?
- Deployment and CI health -- build times, deployment frequency, flaky test rate, CI pass rate.
- Business context -- upcoming features, growth plans, regulatory requirements that interact with the debt.
Step 2: Categorize the debt
Use the Fowler Tech Debt Quadrant to classify each debt item:
### Tech debt inventory -- {{system}}, {{date}}
#### Debt quadrant classification
| | Deliberate | Inadvertent |
|--|-----------|-------------|
| **Reckless** | "We knew this was wrong but shipped anyway" | "We didn't know this was wrong until it broke" |
| **Prudent** | "We chose this trade-off knowingly and it served us" | "We've learned better approaches since we built this" |
For each identified debt item, capture:
| ID | Debt item | Quadrant | Category | Description | Age |
|----|-----------|----------|----------|-------------|-----|
| TD-1 | (name) | (Deliberate-Prudent / etc.) | (see categories below) | (one-line description) | (how long has it existed?) |
Debt categories:
- Architecture -- wrong abstractions, missing boundaries, scaling limitations, tight coupling
- Code quality -- duplication, naming, complexity, inconsistent patterns
- Testing -- missing tests, flaky tests, slow test suites, no integration tests
- Infrastructure -- outdated dependencies, unsupported platforms, manual deployment steps
- Documentation -- missing or outdated docs, tribal knowledge, no onboarding path
- Security -- known vulnerabilities, unpatched dependencies, missing access controls
- Data -- schema drift, migration debt, inconsistent data models across services
Step 3: Score impact
For each debt item, assess three impact dimensions:
### Impact scoring
| ID | Velocity drag | Incident risk | Feature cost multiplier | Combined score |
|----|--------------|---------------|------------------------|---------------|
| TD-1 | (1-5) | (1-5) | (1-5) | (sum) |
**Velocity drag (1-5):** How much does this slow down everyday development?
- 5: Blocks work daily. Engineers route around it constantly.
- 4: Slows most feature work. Adds hours to every PR.
- 3: Causes friction weekly. Some features take 2x longer.
- 2: Occasional annoyance. Workarounds are known and cheap.
- 1: Negligible daily impact. Engineers barely notice it.
**Incident risk (1-5):** How likely is this to cause or worsen a production incident?
- 5: Actively causing incidents. Matter of time before a major one.
- 4: Known fragility. Minor incidents have already occurred.
- 3: Latent risk. Hasn't failed yet but failure mode is clear.
- 2: Low probability. Would require unusual conditions.
- 1: Minimal risk. Well-contained even if it fails.
**Feature cost multiplier (1-5):** How much does this increase the cost of planned work?
- 5: Makes planned features infeasible without addressing it first.
- 4: Doubles the cost of upcoming features.
- 3: Adds 50%+ to feature cost in this area.
- 2: Adds some cost but features are still viable.
- 1: No meaningful impact on upcoming feature costs.
Step 4: Prioritize remediation
Rank debt items using cost of delay vs. cost to fix:
### Prioritization matrix
| ID | Debt item | Combined score | Cost to fix (T-shirt) | Payback period | Strategic alignment | Priority |
|----|-----------|---------------|----------------------|---------------|-------------------|----------|
| TD-1 | (name) | (from Step 3) | S / M / L / XL | (when does the investment pay for itself?) | (which business objective does fixing this enable or de-risk?) | P1 / P2 / P3 / Defer |
**Cost to fix (T-shirt sizing):**
- **S:** < 1 week, 1 engineer, low risk
- **M:** 1-2 weeks, 1-2 engineers, moderate risk
- **L:** 2-4 weeks, requires planning, some coordination
- **XL:** > 4 weeks, cross-team coordination, migration involved
**Priority levels:**
- **P1 -- Fix now:** High impact, reasonable cost. Blocking or creating risk.
- **P2 -- Plan next:** High impact but larger cost, or moderate impact with low cost. Schedule in next 1-2 quarters.
- **P3 -- Track:** Low impact or high cost. Revisit quarterly.
- **Defer:** Prudent debt that's still serving its purpose. Don't fix what isn't broken.
Step 5: Build the remediation roadmap
### Remediation roadmap
**Phase 1: Quick wins (next 2 iterations)**
| Debt item | Action | Owner | Definition of done |
|-----------|--------|-------|-------------------|
| (P1 items with S/M cost) | (specific action) | (team or role) | (what "fixed" looks like) |
**Phase 2: Planned investment (next quarter)**
| Debt item | Action | Dependencies | Estimated effort | Milestone |
|-----------|--------|-------------|-----------------|-----------|
| (P1 items with L/XL cost + P2 items) | (specific action) | (blockers) | (weeks) | (checkpoint) |
**Phase 3: Ongoing maintenance**
- Debt budget: Allocate {{X}}% of capacity to debt reduction (recommend 15-20%)
- Review cadence: Reassess this inventory quarterly
- Prevention: (what practices reduce new debt -- code review standards, architecture reviews, design docs)
Step 5b: Investment framing
For the top 3 debt items by priority, generate executive-ready investment summaries that frame debt in business terms:
### Investment framing -- top 3 debt items
**1. {{debt item name}}**
If we don't address this, we risk {{specific business outcome}} by {{timeline}}. Fixing it costs {{effort estimate}} and unblocks {{business capability or planned feature}}. The interest payment we're currently paying is {{ongoing friction -- e.g., "2 engineer-days per iteration in workarounds"}}.
**2. {{debt item name}}**
(Same structure)
**3. {{debt item name}}**
(Same structure)
These summaries are designed for executive and product stakeholders who need to understand why engineering capacity should be allocated to debt work. Frame as business risk, not technical complaint. Feed these into /technology-roadmap to position debt remediation alongside new technology investments.
Step 6: Generate the stakeholder summary
Write a non-technical summary for product managers, directors, or executives:
### Stakeholder summary: Technical debt in {{system}}
**The situation:** (1-2 sentences -- what's the debt and why should non-engineers care?)
**The impact on delivery:** (how this affects the team's ability to ship features)
- Current velocity drag: (estimated % of capacity spent on debt-related friction)
- Projected trend: (getting better, stable, or getting worse?)
**The risk:** (what happens if we don't address it?)
- (Specific risk 1 -- e.g., "The payment service is running on an unsupported framework version with known security vulnerabilities")
- (Specific risk 2)
**The ask:** (what the engineering team needs)
- Short term: (X days/iterations for quick wins)
- Medium term: (Y% capacity allocation for planned work)
- Ongoing: (Z% capacity budget for debt maintenance)
**The payoff:** (what improves after remediation)
- (Specific benefit 1 -- e.g., "Feature delivery in the payment area returns to normal velocity")
- (Specific benefit 2)
Step 7: Discuss
Ask the user:
- Does the inventory capture the debt you're aware of? What's missing?
- Do the impact scores match your team's experience?
- Is the prioritization right, or are there business constraints that should reorder things?
- Who needs to see the stakeholder summary? Should I adjust the framing?
- Want me to break any P1 items into implementation stories?
Output location
Present the assessment as formatted text in the conversation or save to a file if requested.
Example Output
Input
- System scope: Monolithic Rails application ("CorePlatform") backing Meridian Health's patient scheduling, billing, and provider credentialing workflows -- ~450k lines of code, ~12 years old
- Known pain points: Billing module has no test coverage, deployments require a 3-hour manual smoke-test checklist, credentialing data model was duplicated into a second service two years ago and the two are now out of sync; engineers avoid touching anything in the
legacy_claims/directory - Recent incidents: Two P1 outages in the last quarter -- one caused by a failed database migration on the claims table (4 hours downtime), one by an undocumented dependency on a deprecated third-party eligibility API that was sunset without notice
- Team size and tenure: 9 engineers; 2 have been on the codebase >5 years, 4 are <18 months, 3 are contractors onboarded in the last 6 months
- Deployment and CI health: Build time 47 minutes, deployment frequency ~1x per week (should be daily), flaky test rate ~22%, CI pass rate ~61% on first run
- Business context: HIPAA re-certification audit in 5 months, new telehealth scheduling feature planned for Q3, potential acquisition due diligence starting Q4
Output (abbreviated)
Tech debt assessment -- CorePlatform, Meridian Health
Tech debt inventory -- CorePlatform
Debt quadrant classification
| Deliberate | Inadvertent | |
|---|---|---|
| Reckless | "We shipped the claims migration without a rollback plan" | "The eligibility API dependency was never documented -- we didn't know it was deprecated" |
| Prudent | "We duplicated the credentialing model to ship the new service fast -- we knew we'd pay for it" | "The Rails monolith made sense in 2012; we've learned a lot since then" |
Debt item inventory
| ID | Debt item | Quadrant | Category | Description | Age |
|---|---|---|---|---|---|
| TD-1 | Billing module -- zero test coverage | Reckless-Inadvertent | Testing | ~18k lines in billing with no unit or integration tests; two engineers who wrote it have left | 4 years |
| TD-2 | Credentialing data model duplication | Deliberate-Prudent | Data | Two diverging schemas across CorePlatform and CredService; sync jobs fail silently ~3x/week | 2 years |
| TD-3 | Manual deployment smoke-test checklist | Deliberate-Reckless | Infrastructure | 3-hour manual checklist gates every release; no automated equivalent; single person holds tribal knowledge | 6 years |
| TD-4 | Deprecated eligibility API dependency | Inadvertent-Reckless | Infrastructure | Third-party API sunset; team built an undocumented shim that is now the production path | 8 months |
| TD-5 | legacy_claims/ module -- high cyclomatic complexity | Inadvertent-Prudent | Code quality | Average method complexity score of 34 (threshold: 10); caused the Q2 migration P1 | 7 years |
| TD-6 | Unpatched dependencies with known CVEs | Inadvertent-Reckless | Security | 14 gems with CVE ratings; 3 rated High; one affects ActiveRecord serialization | 18 months |
| TD-7 | No engineer onboarding documentation | Inadvertent-Prudent | Documentation | 3 contractors onboarded with no runbooks; knowledge lives with 2 senior engineers | 3+ years |
| TD-8 | 47-minute CI build / 22% flaky test rate | Deliberate-Prudent | Testing | Slow feedback loop; engineers skip test runs locally; flakiness erodes trust in suite | 3 years |
Impact scoring
| ID | Debt item | Velocity drag | Incident risk | Feature cost multiplier | Combined score |
|---|---|---|---|---|---|
| TD-1 | Billing -- zero test coverage | 4 | 5 | 5 | 14 |
| TD-2 | Credentialing model duplication | 3 | 4 | 5 | 12 |
| TD-3 | Manual deployment checklist | 5 | 3 | 3 | 11 |
| TD-4 | Deprecated eligibility API shim | 2 | 5 | 3 | 10 |
| TD-5 | legacy_claims/ complexity | 4 | 5 | 4 | 13 |
| TD-6 | Unpatched CVEs | 1 | 5 | 2 | 8 |
| TD-7 | No onboarding docs | 3 | 2 | 2 | 7 |
| TD-8 | CI build / flaky tests | 4 | 2 | 3 | 9 |
Prioritization matrix
| ID | Debt item | Combined score | Cost to fix | Payback period | Strategic alignment | Priority |
|---|---|---|---|---|---|---|
| TD-1 | Billing -- zero test coverage | 14 | L | 1 quarter | Unblocks telehealth billing; required for HIPAA audit | P1 |
| TD-5 | legacy_claims/ complexity | 13 | L | 1 quarter | Eliminates primary incident vector; unblocks claims feature work | P1 |
| TD-2 | Credentialing model duplication | 12 | XL | 2 quarters | Required for acquisition due diligence data integrity review | P1 |
| TD-3 | Manual deployment checklist | 11 | M | 6 weeks | Enables daily deployments; reduces release risk | P1 |
| TD-6 | Unpatched CVEs | 8 | S | Immediate | Directly required for HIPAA re-certification in 5 months | P1 |
| TD-4 | Deprecated eligibility API shim | 10 | M | 1 quarter | Eliminates live incident risk; documents critical integration | P2 |
| TD-8 | CI build / flaky tests | 9 | M | 1 quarter | Improves throughput for all feature work; engineer experience | P2 |
| TD-7 | No onboarding docs | 7 | S | Immediate | Reduces contractor ramp time; bus-factor risk | P2 |
Remediation roadmap
Phase 1: Quick wins (next 2 iterations)
| Debt item | Action | Owner | Definition of done |
|---|---|---|---|
| Unpatched CVEs (TD-6) | Run bundle audit, upgrade or replace all High/Critical gems, add bundler-audit to CI gate | Security lead + 1 engineer | Zero High/Critical CVEs; CI blocks on new vulnerabilities |
| No onboarding docs (TD-7) | Two senior engineers document deployment, local setup, and legacy_claims/ architecture; reviewed by 1 contractor as validation | Tech lead | New engineer can reach running local environment in <2 hours without help |
Phase 2: Planned investment (next quarter)
| Debt item | Action | Dependencies | Estimated effort | Milestone |
|---|---|---|---|---|
| Billing test coverage (TD-1) | Characterization tests first; target 70% line coverage; no new billing code merged without tests | Dedicated 2-engineer squad | 3 weeks | Coverage gate in CI; green before HIPAA audit kickoff |
legacy_claims/ complexity (TD-5) | Extract 4 core claim-processing classes; reduce average complexity to <12; add regression tests before refactor | TD-1 tests as safety net | 3 weeks | No methods above complexity threshold 15; claims P1 post-mortem closed |
| Manual deployment checklist (TD-3) | Convert checklist to automated smoke-test suite in CI; eliminate manual gate | DevOps contractor | 2 weeks | Deployment frequency reaches 3x/week within 30 days of completion |
| Eligibility API shim (TD-4) | Document shim; evaluate two replacement vendors; migrate to supported API | Vendor procurement | 3 weeks | No production |