Skip to main content

Built-in & Custom Agents

In PostQode, Agents are specialized AI assistants configured with their own system instructions, allowed tools, custom skills, model behavior overrides, memory levels, and execution budgets. Rather than using a generic assistant, you can invoke specialized agents tailored to specific tasks such as code reviews, security auditing, visual design implementation, and browser automation.


How Agents Work

Agents are defined as Markdown (.md) files with a YAML frontmatter block. The frontmatter defines the agent's parameters and capabilities, while the body of the file contains the system instructions that guide the agent's behavior.

Agent Configuration Fields

Each agent markdown file supports the following frontmatter properties:

PropertyDescriptionExample
nameRequired. A unique, URL-safe identifier for the agent.code-reviewer
descriptionRequired. A summary of the agent's capabilities (shown in the UI)."Review code changes..."
tools(Optional) Explicit tools the agent is permitted to use (e.g., browser tools).postqode_browser_agent
skills(Optional) Reusable instruction sets/skills the agent can load.review, cso
model(Optional) Model override behavior. Use inherit to match current chat settings.inherit
memory(Optional) The context/memory space access allowed (project or user).project
max_turns(Optional) The maximum number of consecutive actions/turns allowed.30

Packaged Built-in Agents

PostQode ships with 10 built-in agents pre-configured for common development and QA tasks. You can enable or disable these from the agent settings panel:

Agent NameDescriptionTools / SkillsMemoryMax Turns
code-reviewerReviews code changes for bugs, security vulnerabilities, performance issues, and best practices.Skills: review, csoproject30
deploy-agentShips code to production—runs tests, reviews diff, bumps version, creates/merges PR, and runs smoke tests.Skills: ship, land-and-deploy, canary, reviewproject40
design-agentAudits live sites, implements visual designs from mockups, ensures styling consistency, and fixes UI bugs.Skills: design-review, design-html, design-consultation, design-shotgunproject, user60
doc-writerKeeps documentation in sync with codebase changes (README, architecture, APIs, changelogs).Skills: document-releaseproject30
exploreFast read-only agent for file discovery, code search, and codebase analysis.(None)project30
perf-monitorBenchmarks page load times, monitors Core Web Vitals, and runs canary/health checks post-deploy.Skills: benchmark, canary, healthproject40
product-strategistProduct strategy, feature brainstorming, design thinking exercises, MVP scoping, and market briefs.Skills: office-hours, plan-ceo-review, plan-eng-reviewproject30
security-auditorAudits pipeline security, dependencies, credentials leakage, and performs threat modeling (STRIDE).Skills: csoproject40
web-automatorNavigates pages, interacts with elements, and captures screenshots to run web automation tests.Tools: postqode_browser_agent
Skills: qa, qa-only
project50
web-qaQA tests web applications by filling forms, validating UI state, auditing console errors, and logging bugs.Skills: qa, qa-onlyproject50

Key Capabilities of Built-in Agents

code-reviewer

  • Traces execution paths and analyzes changed files for bugs
  • Scans for security vulnerabilities and hardcoded secrets
  • Identifies performance bottlenecks like N+1 queries or memory leaks
  • Provides actionable, structured feedback with confidence levels

deploy-agent

  • Orchestrates release cycles, pull requests, and git deployments
  • Runs linters, test suites, and pre-flight checks automatically
  • Manages semantic version bumps and keeps changelogs synchronized
  • Performs post-deployment verification and live health smoke tests

design-agent

  • Audits live sites for spacing, alignment, and typography issues
  • Generates clean, semantic HTML and CSS from design specifications
  • Ensures full responsiveness across mobile, tablet, and desktop viewports
  • Captures before-and-after screenshots to visually verify changes

doc-writer

  • Keeps project README, API docs, and architecture charts updated
  • Detects stale or broken links, obsolete setups, and missing docs
  • Generates clean, user-oriented changelogs based on commit histories
  • Translates complex code changes into friendly, readable documentation

explore

  • Performs rapid, read-only exploration and search of codebases
  • Discovers files, tracks dependencies, and maps codebase structure
  • Answers complex questions about implementation details safely
  • Zero-risk analysis (never modifies any code or runs write commands)

perf-monitor

  • Benchmarks page load times and records Core Web Vitals (LCP, FID, CLS)
  • Performs network waterfall analysis to detect API or resource slowdowns
  • Compares current metrics against baselines to detect regressions
  • Runs automated post-deploy canary checks on critical paths

product-strategist

  • Evaluates product ideas, validates demand, and scopes MVPs
  • Brainstorms features based on user jobs-to-be-done and journeys
  • Creates structured product briefs, user personas, and success metrics
  • Helps prioritize features by balancing engineering effort vs product impact

security-auditor

  • Conducts secrets archaeology to identify hardcoded keys and tokens
  • Analyzes dependency supply chains for vulnerabilities and CVEs
  • Audits source code against OWASP Top 10 vulnerabilities
  • Builds STRIDE threat models and verifies findings with POCs

web-automator

  • Automates multi-step workflows using a persistent Chromium browser
  • Discovers interactive page elements using snapshot-based accessibility trees
  • Translates recorded user steps into robust browser automation actions
  • Captures visual screenshots and monitors console and network logs

web-qa

  • Systematically tests web applications to discover and report bugs
  • Performs form filling, link navigation, and edge case assertions
  • Inspects JavaScript console errors and failed network API requests
  • Generates structured bug reports with steps to reproduce and visual evidence

Creating Custom Agents

You can easily extend PostQode by creating custom agents tailored to your team's guidelines, technologies, or testing protocols.

Workspace (Project-Specific) Agents

Create .md files in the project configuration folder:

  • Path: .postqode/agents/

These agents are shared within your project codebase and are visible to anyone working in the same workspace.

Personal (Global) Agents

Create .md files in your home directory's configuration folder:

  • Path: ~/.postqode/agents/

These agents are available across all workspaces on your machine but are not committed to your projects.

Custom Agent Template

To create a new agent, write a Markdown file (e.g., database-expert.md) with the following format:

---
name: database-expert
description: "Optimize database queries, design schemas, write migrations, and troubleshoot query performance."
model: inherit
memory: project
max_turns: 25
---

You are a senior Database Administrator. Your goal is to design efficient schemas, write clean migrations, and optimize queries.

## Guidelines
1. Ensure all database changes include down/rollback migrations.
2. Verify query plans using EXPLAIN and ensure proper indexing for foreign keys and frequent lookups.
3. Keep transactions short and focused to avoid locking issues.

Agent Management in Settings

You can inspect, enable, and manage all your agents in the PostQode Settings:

  1. Open the PostQode panel in VS Code.
  2. Click the Settings (gear) icon.
  3. Under the Agents section, you will see all registered agents grouped by their source:
    • Built-in / Packaged: Pre-bundled with the extension.
    • Project: Workspace-specific agents loaded from .postqode/agents/.
    • Personal: Global user-level agents loaded from ~/.postqode/agents/.
    • Organization (Server): Shared organization-wide agents.

Each agent card can be expanded to view its full configuration details, such as the model, memory tier, permitted tools, max turns, and file path.