Web Developer
Recommended Model
Primary: codex - Full-stack implementation, React components, API endpoints, database queries
Architecture: opus - Complex system design, architectural decisions, scalability planning
Quick fixes: sonnet - Bug fixes, small features, CSS tweaks
🔄 Automatic QA Policy
Status: ✅ ENABLED - Always iterate for UI/UX work; selective for backend
Why: Frontend/UI work is subjective and visual quality matters. Backend work is more objective but still benefits from completeness review.
What this means:
- Fitz automatically QA's all web development deliverables after sub-agent completion
- Creates detailed feedback document if requirements missing or quality issues found
- Spawns iteration agent with feedback until work is complete
- You only review finished, production-ready code
Quality Bar:
- ✅ Meets ALL requirements in task brief (not partial completion)
- ✅ UI work matches any design inspiration provided
- ✅ Code is clean, well-organized, and maintainable
- ✅ Responsive design works on mobile and desktop
- ✅ Dark mode support if applicable
- ✅ No placeholder/rough styling on customer-facing interfaces
- ✅ Backend APIs have proper error handling and validation
- ✅ Works correctly - no obvious bugs or breaking changes
Exceptions:
- Quick fixes/patches: Single QA review, don't iterate unless broken
- Backend-only work: Light QA (works correctly?), not visual polish
- Experiments/prototypes: Skip QA if marked as draft
You can override: Say "skip QA" or "good enough, ship it" to bypass iteration
Core Expertise
Frontend Development
- React - Modern hooks, component patterns, state management
- Vite - Fast builds, HMR, optimization
- Tailwind CSS - Utility-first styling, design systems
- Chart.js / D3 - Data visualization
- Responsive design - Mobile-first, accessible UIs
Backend Development
- Node.js + Express - RESTful APIs, middleware, routing
- Database integration - PostgreSQL, MongoDB, Supabase
- Authentication - OAuth, JWT, session management
- API design - RESTful patterns, versioning, documentation
Full-Stack Patterns
- Project structure - Monorepo vs. separate repos
- State management - Context, Zustand, React Query
- Error handling - Client + server side
- Performance optimization - Code splitting, lazy loading, caching
- Deployment - Vercel, Railway, PM2, Docker
Project Architecture Checklist
Before starting any web project, define:
1. Tech Stack
- Frontend framework (React, Vue, vanilla JS?)
- Build tool (Vite, Next.js, Create React App?)
- Styling approach (Tailwind, CSS modules, styled-components?)
- State management (Context, Zustand, Redux?)
- Backend runtime (Node, Deno, Bun?)
- Database (PostgreSQL, MongoDB, Supabase, Firebase?)
2. Project Structure
project-name/
├── frontend/ # React app
│ ├── src/
│ │ ├── components/
│ │ ├── pages/
│ │ ├── hooks/
│ │ ├── utils/
│ │ ├── api/ # API client functions
│ │ └── App.jsx
│ ├── public/
│ └── package.json
├── backend/ # Express API
│ ├── routes/
│ ├── controllers/
│ ├── models/
│ ├── middleware/
│ └── server.js
└── README.md
3. Data Flow
- How does data get from backend → frontend?
- Where is state stored (local, context, external store)?
- How are API calls handled (fetch, axios, React Query)?
- What's the caching strategy?
4. Error Handling
- Client-side error boundaries
- API error responses (consistent format)
- User-facing error messages
- Logging strategy
React Best Practices
Component Patterns
Presentational Components (UI only):
export function MetricCard({ title, value, change, status }) {
return (
<div className={`card status-${status}`}>
<h3>{title}</h3>
<div className="value">{value}</div>
<div className={`change ${change > 0 ? 'positive' : 'negative'}`}>
{change > 0 ? '↑' : '↓'} {Math.abs(change)}%
</div>
</div>
)
}
Container Components (logic):
export function Dashboard() {
const [data, setData] = useState(null)
const [loading, setLoading] = useState(true)
useEffect(() => {
fetchData().then(setData).finally(() => setLoading(false))
}, [])
if (loading) return <LoadingSpinner />
return <MetricCard {...data} />
}
Custom Hooks (reusable logic):
function useAPI(endpoint) {
const [data, setData] = useState(null)
const [loading, setLoading] = useState(true)
const [error, setError] = useState(null)
useEffect(() => {
fetch(endpoint)
.then(res => res.json())
.then(setData)
.catch(setError)
.finally(() => setLoading(false))
}, [endpoint])
return { data, loading, error }
}
State Management Philosophy
- useState - Local component state
- useContext - Shared state (theme, user, global settings)
- React Query / SWR - Server state (API data, caching)
- Zustand / Redux - Complex global state (if really needed)
Rule: Keep state as local as possible. Lift only when necessary.
API Design Patterns
RESTful Endpoints
GET /api/portfolio/overview # Summary stats
GET /api/properties # List all properties
GET /api/properties/:id # Single property details
POST /api/properties/:id/metrics # Update metrics
GET /api/insights # AI-generated insights
GET /api/alerts # Active alerts
Response Format (Consistent)
{
"status": "success",
"data": { ... },
"meta": {
"timestamp": "2026-01-29T20:00:00Z",
"cached": true
}
}
Error Format
{
"status": "error",
"error": {
"code": "VALIDATION_ERROR",
"message": "Invalid property ID",
"details": { ... }
}
}
Performance Optimization
Frontend
- Code splitting - Lazy load routes/components
- Memoization -
useMemo,React.memofor expensive renders - Virtualization - For long lists (react-window)
- Image optimization - WebP, lazy loading, srcset
- Bundle analysis - Keep bundle size < 500KB
Backend
- Caching - Redis, in-memory cache for frequent queries
- Database indexing - Index frequently queried fields
- Rate limiting - Prevent API abuse
- Compression - gzip/brotli responses
- Connection pooling - Reuse database connections
Network
- HTTP/2 - Multiplexing, server push
- CDN - Static assets served from edge
- Prefetching - Preload critical resources
- Service workers - Offline support, caching
Design System Integration
When building UIs, establish:
1. Color System
:root {
--color-primary: #6366f1;
--color-success: #10b981;
--color-warning: #f59e0b;
--color-danger: #ef4444;
--bg-primary: #ffffff;
--bg-secondary: #f8fafc;
--text-primary: #0f172a;
--text-secondary: #475569;
}
2. Typography Scale
--text-xs: 12px;
--text-sm: 14px;
--text-base: 16px;
--text-lg: 18px;
--text-xl: 20px;
--text-2xl: 24px;
--text-3xl: 30px;
--text-4xl: 36px;
3. Spacing System
--spacing-1: 4px;
--spacing-2: 8px;
--spacing-3: 12px;
--spacing-4: 16px;
--spacing-6: 24px;
--spacing-8: 32px;
4. Component Library
- Buttons (primary, secondary, danger, ghost)
- Cards (default, elevated, bordered)
- Inputs (text, select, checkbox, radio)
- Alerts (success, warning, error, info)
- Modals, tooltips, dropdowns
- Loading states (spinners, skeletons)
Common Pitfalls to Avoid
Frontend
- ❌ Prop drilling (use Context or composition)
- ❌ Too many useEffect hooks (consolidate logic)
- ❌ Inline styles (use CSS modules or Tailwind)
- ❌ Not handling loading/error states
- ❌ Forgetting accessibility (ARIA labels, keyboard nav)
Backend
- ❌ No input validation (validate everything)
- ❌ SQL injection vulnerabilities (use parameterized queries)
- ❌ Exposing sensitive data (sanitize responses)
- ❌ No rate limiting (protect against abuse)
- ❌ Poor error messages (be specific but safe)
Architecture
- ❌ Premature optimization (build it first, optimize later)
- ❌ Over-engineering (KISS principle)
- ❌ No separation of concerns (mix UI + logic)
- ❌ Tight coupling (components should be modular)
- ❌ No testing (at least smoke tests for critical paths)
Deployment Checklist
Before shipping:
- Environment variables configured (not hardcoded)
- Error logging set up (Sentry, LogRocket)
- Analytics tracking (GA4, Plausible)
- Performance monitoring (Lighthouse, Web Vitals)
- Security headers configured (CSP, CORS, HSTS)
- Database backups scheduled
- SSL certificate active
- API rate limiting enabled
- Error boundaries in place
- Loading states for all async actions
- Mobile responsiveness tested
- Accessibility audit passed (WCAG AA minimum)
- README with setup instructions
- Documentation for API endpoints
Debugging Workflow
Frontend Issues
- Check browser console (errors, warnings)
- React DevTools (component tree, props, state)
- Network tab (API calls, response times)
- Performance tab (render times, memory leaks)
Backend Issues
- Check server logs (errors, stack traces)
- Test endpoints with curl/Postman
- Database query logs (slow queries)
- Memory/CPU usage (resource leaks)
Integration Issues
- CORS errors (check headers)
- Authentication failures (token expiration?)
- Data format mismatches (backend vs frontend)
- Caching issues (stale data)
Tech Stack Decision Matrix
| Need | Recommended | Alternative |
|---|---|---|
| Frontend framework | React + Vite | Next.js (if SSR needed) |
| Styling | Tailwind CSS | CSS Modules |
| State management | Context + React Query | Zustand |
| Backend | Node + Express | Fastify (faster) |
| Database | PostgreSQL + Supabase | MongoDB |
| Deployment | Vercel (frontend) + Railway (backend) | Docker + VPS |
| Auth | Supabase Auth | Auth0, Clerk |
| Charts | Chart.js | Recharts, D3 |
Example Project Structure (Analytics Dashboard)
analytics-dashboard/
├── frontend/
│ ├── src/
│ │ ├── components/
│ │ │ ├── MetricCard.jsx
│ │ │ ├── PropertyCard.jsx
│ │ │ ├── InsightsPanel.jsx
│ │ │ └── TrafficChart.jsx
│ │ ├── pages/
│ │ │ ├── Dashboard.jsx
│ │ │ ├── PropertyDetail.jsx
│ │ │ └── InsightsHub.jsx
│ │ ├── hooks/
│ │ │ ├── useAPI.js
│ │ │ ├── useInsights.js
│ │ │ └── useAlerts.js
│ │ ├── api/
│ │ │ └── client.js
│ │ ├── App.jsx
│ │ └── index.css
│ └── package.json
├── backend/
│ ├── routes/
│ │ ├── portfolio.js
│ │ ├── insights.js
│ │ └── alerts.js
│ ├── services/
│ │ ├── ga4.js
│ │ ├── anomalyDetection.js
│ │ └── recommendations.js
│ ├── cache.js
│ └── server.js
└── README.md
When to Ask for Help
- Complex architectural decisions → Use
opusfor strategic thinking - Performance bottlenecks → Profile first, optimize second
- Security concerns → Always better to ask
- Unfamiliar APIs → Read docs, test in isolation first
- Breaking changes → Check migration guides, changelogs
Quality Standards
Ship code that:
- ✅ Works on mobile AND desktop
- ✅ Has loading states for all async operations
- ✅ Handles errors gracefully (no silent failures)
- ✅ Is accessible (keyboard nav, ARIA labels)
- ✅ Performs well (Lighthouse score >90)
- ✅ Is maintainable (clear naming, comments where needed)
- ✅ Follows the project's existing patterns
Don't ship code that:
- ❌ Has console.log statements (remove or use proper logging)
- ❌ Has hardcoded API keys or secrets
- ❌ Breaks on edge cases (test thoroughly)
- ❌ Has poor performance (optimize critical paths)
- ❌ Is inaccessible (test with keyboard + screen reader)
Philosophy
- Pragmatic over perfect - Ship working code, iterate based on real usage
- User-first - Performance, accessibility, and UX trump developer convenience
- Consistency - Follow established patterns in the codebase
- Clarity - Code is read more than written; prioritize readability
- Resilience - Assume things will fail; handle errors gracefully
Use this skill when: Building or refactoring web applications, making architectural decisions, optimizing performance, or debugging complex full-stack issues.