@hyperdrive.bot/bmad-sls-react

AI agents forged in
production fire.

7 battle-tested BMAD agents extracted from 500+ real sessions shipping multi-tenant SaaS products on AWS. Not theoretical — every persona encodes hard-won operational knowledge from deploy failures, permission bugs, and midnight incidents.

$ npm i -D @hyperdrive.bot/bmad-sls-react
TypeScript AWS Lambda Serverless v4 React DynamoDB Multi-Tenant BMAD v6
01 — The Crew

7 agents. Zero theory.

Each agent carries deep operational knowledge for a specific domain. They work as a team — Pirlo orchestrates, Lena plans, the specialists execute. Every persona was shaped by real production incidents.

🎯
Pirlo
Il Maestro — Full-Stack Orchestrator
The franchise. Implements stories with a strict Definition of Done: unit tests pass + deploy green + E2E green on real AWS. Sees the whole pitch, distributes to specialists, controls tempo. If E2E fails, fixes and redeploys in the same session — up to 3 cycles before escalating. Does NOT ship code that "works in unit tests but fails on real infra."
story-driven deploy-gate e2e-gate DDB single-table httpTenant middleware cross-module IAM
✂️
Lena
Pirlo-Aware Scrum Master
Writes stories that Pirlo can execute without asking a single question. Every story includes deploy subtasks, real-infra ACs, data-testid requirements, and cross-module dependency notes. Never vague — every AC is machine-verifiable.
story-writer ambiguity-killer deploy-context codebase-aware
🚀
Major Tom
Deploy Operations Veteran
15+ years shipping production systems. Thinks in mission phases: Pre-flight → Launch → Orbit → Re-entry. Knows SLS v4 deploy locks, split-stack migrations, fix-forward playbooks, and every esbuild gotcha on macOS.
CI/CD fix-forward rollback CloudFormation
🔧
Archie
Serverless Infrastructure Specialist
Owns the plumbing, not the water. Knows every SLS v4 plugin config key, every ARN variable resolution path, every cross-module IAM pattern. When a deploy fails because of plugin ordering or an ARN that resolved to the wrong module — Archie is who you call.
serverless-composer arn-prefixer split-stacks esbuild
🏢
Tess
Multi-Tenancy Architecture Specialist
Knows every DDB key pattern, every Cognito pool relationship, every ABAC policy condition. Debugs tenant provisioning failures through guided decision trees: domain resolution → middleware → identity → ABAC → data isolation.
ABAC Cognito tenant-isolation bootstrap
☁️
Gus
Google Workspace Operations
Drive, Gmail, Calendar, Docs, Sheets, Slides — all through the gws CLI. Permission audits, batch unshare operations, export pipelines. Always previews before executing, always filters by ownership.
gws-cli OAuth scopes batch-safe permission-audit
Coach
Anti-Procrastination & Weekly Planning
Integrates Calendar, Jira, Gmail, and time trackers into concrete weekly plans. Detects procrastination patterns (Ocupado, Criador de Crises, Rebelde) and intervenes with specific antidotes. Max 5 essential tasks. Everything else is "caso sobre tempo."
weekly-planning jira calendar anti-procrastination
02 — The Pipeline

Pirlo's Definition of Done

Every story goes through a 4-phase pipeline. Code that passes unit tests but fails on real infrastructure is not done. Period.

Lena writes story Phase A: Build Phase B: Deploy Phase C: E2E Gate Phase D: Cleanup
A

Build — implement + unit test every task

Execute tasks in order. Write unit tests for every subtask. Run full test suite after each task. Mark [x] only when tests actually pass. Never lie about test status.

B

Deploy — ship to dev stage on real AWS

AWS_PROFILE={profile} npx serverless@4 deployModule --stage dev --module {name}

If CloudFormation fails, read the error, fix, redeploy. Max 3 attempts.

C

Validate — E2E on real infrastructure (the gate)

Backend E2E with Cognito auth + SigV4 signed requests against real API Gateway. Frontend E2E with Playwright + data-testid contracts. If E2E fails: fix → redeploy → rerun. 3 cycles max.

D

Cleanup — delete test data, verify clean state

Always in afterAll. Prefer API DELETE over direct DDB deletes. Use randomUUID() for unique test names. No orphaned data.

03 — Battle Scars

Knowledge you can't get from docs

Every rule in these agents was learned the hard way. Here are some of the production incidents that shaped them.

💥 Deploy Lock

Two concurrent deployModule calls corrupted ZIP artifacts, meta.json, and package-lock. Now Archie enforces a filesystem advisory lock with PID-alive checks and 30-min stale detection.

💥 Cross-Module IAM

${arn:prefix} resolves per-module. Using it for another module's DDB table creates a table name that doesn't exist — silent 500s with no error in CloudWatch. Cost: 4 hours of debugging.

💥 Fire-and-Forget in Lambda

Non-awaited DynamoDB writes (.catch(() => {})) worked locally but Lambda froze the event loop after response. Zero events recorded despite the code running. Always await writes.

💥 ABAC Feature Attachment

deployModule creates the IAM policy but never attaches it to Cognito Identity Pool roles or sets principal tags. Without all three manual steps, users get 403. Every. Single. Time.

💥 Split-Stack Migration

CloudFormation's 500-resource limit hits silently. The fix requires a two-phase deploy: strip HTTP events first, deploy, then restore events and deploy again. Archie knows the dance.

💥 Tenant Theming

bg-primary resolves to white in multi-tenant apps, not an accent color. bg-primary/95 bypasses the CSS override entirely, rendering Shadcn blue. Cost: invisible dropdowns in production for 3 tenants.

04 — Installation

One command. 19 files. Done.

The postinstall script copies all agent files into your project's _bmad/sls-react/ directory automatically.

1

Install the package

npm i -D @hyperdrive.bot/bmad-sls-react

This installs the package and automatically copies 19 files into _bmad/sls-react/.

2

Configure your project

Edit _bmad/sls-react/config.yaml with your project's details:

# Your name, language, output folder
user_name: "Your Name"
communication_language: "English"

# Your AWS deployment config
deploy_profile: "your-aws-profile"
deploy_region: "us-east-1"
3

Start using agents

Load any agent in your BMAD-compatible IDE (Claude Code, Cursor, Windsurf):

# In Claude Code — load Pirlo
@_bmad/sls-react/agents/pirlo.md

# Or start a planning session with Lena
@_bmad/sls-react/agents/lena.md
Tip: Pirlo and Lena reference bmm workflows (dev-story, create-story, sprint-planning). For the full pipeline experience, install the BMAD Method framework first.
05 — Stack Fit

Built for this stack

These agents are most valuable when your project uses the following combination. They'll still work on adjacent stacks, but the deep expertise is here.

Backend

TypeScript / Node.js on AWS Lambda via Serverless Framework v4 with composer plugin. DynamoDB single-table design. API Gateway per module.

Frontend

React with TanStack Router + TanStack Query. Tailwind CSS. Multi-tenant theming via CSS variables. Amplify v6 for auth.

Infrastructure

Multi-tenant SaaS on AWS. Cognito (per-tenant User Pools + shared Identity Pool). ABAC via principal tags. Elasticsearch per-tenant indices.

CI/CD

GitLab CI or GitHub Actions. Per-module deploys. E2E tests against real AWS (not mocks). Vercel for frontend previews.