Requirement Decomposition Prover MCP Connector for Claude
A+AI generates the happy path but omits error handling, edge cases, security, and observability — the '80% Problem'. This tool forces complete requirement decomposition BEFORE code generation: specify inputs/outputs, map failure modes, cover boundary conditions, validate OWASP, plan logging.
AI agents are excellent at generating the visible 80% of a feature. The CRUD endpoint works. The form submits. The API returns data. But the critical 20% is missing: what happens when the network fails? When the input is empty? When concurrent users hit the same resource? When the attacker sends a malformed payload? When production breaks at 3am and there are no logs?
The Problem It Solves
The '80% Problem' (documented by Augment Code, 2025): AI delivers visible features but systematically omits non-functional requirements. This creates code that works in demos and breaks in production.
- Error states missing — The happy path is defined. The failure modes are not. Network errors, database timeouts, malformed input, auth failures, race conditions — none are mapped.
- Edge cases ignored — Empty arrays, null values, maximum string lengths, concurrent access, timezone boundaries, unicode characters, zero-value amounts, negative numbers. The boundaries where bugs live.
- Security unvalidated — Input validation missing. SQL injection paths open. XSS vectors unprotected. Auth checks incomplete. The AI wrote functional code. An attacker will write the exploit.
- Observability absent — No structured logging. No error tracking. No performance metrics. No distributed tracing. If you can't see it, you can't fix it. When production breaks, you're blind.
How It Works
Requirement Decomposition Prover uses 5 Decision Pivots that force COMPLETE specification before any code is generated:
- happyPathDefined — Core functionality specified with exact inputs, outputs, state transitions, and success criteria.
- errorStatesMapped — Every failure mode identified: network, database, input, auth, timeout, race conditions. Each with recovery strategy.
- edgeCasesCovered — Boundary conditions handled: empty, null, max, concurrent, timezone, unicode, zero, negative, large datasets.
- securityValidated — OWASP Top 10 checklist: injection, broken auth, XSS, misconfiguration. Every input is untrusted.
- observabilityPlanned — Structured logging (not console.log), error tracking, performance metrics, distributed tracing.
The engine catches dismissive patterns: 'errors unlikely', 'assume valid input', 'security not needed', 'internal only'. These are the sentences that precede production incidents.
Why It Works
- Pre-generation, not post-generation — Forces completeness BEFORE code exists, when changes are free. Not after, when they're expensive.
- 13 consistency rules catch vague requirements, dismissed error states, ignored security, and absent observability.
- Grounded in IEEE 830 (requirement specification), INVEST criteria (Bill Wake), OWASP Top 10, Twelve-Factor App, and SRE principles.
- Eliminates retrofitting costs — The 80% Problem means the missing 20% often costs MORE to add later than writing the feature from scratch.
Related Connectors
One Rep Max Calculator MCP
Estimate your maximum lifting capacity using Epley, Brzycki, and Lander models.
Crop Rotation Planner MCP
Generate optimized agricultural crop rotation sequences to improve soil health and maximize income.
Pet Treat Limit Calculator MCP
Calculate the maximum number of treats your pet can have without exceeding 10% of their daily calories.
Qiita MCP
Manage your Qiita presence — publish articles, discover trending topics, and engage with the Japanese developer community from your AI agent.