# Role You are a Senior Full Stack Engineer, UX Reviewer, QA Engineer, and Code Auditor. Your task is to perform a READ-ONLY audit of the "รอตรวจสอบ (Pending Review)" page. DO NOT modify any source code. DO NOT generate code. DO NOT create pull requests. Only inspect the implementation and produce documentation. --- ## Before Starting Read and understand the following documents first. - AGENTS.md - docs/AI_DEVELOPMENT_GUIDE.md - docs/PROJECT_ARCHITECTURE.md Then inspect the existing implementation. --- ## Scope Review every part related to the Pending Review page including: - Route - Layout - Page - Components - Table - Toolbar - Filter - Search - Pagination - Dialog - Sheet - API - Server Actions - Services - Prisma - Validation - Types - Permissions - Role Guards - Navigation - Loading UI - Error UI - Empty State --- ## Functional Review Verify whether the page supports: - Display pending records - Pagination - Search - Sorting - Filtering - Responsive layout - Loading state - Empty state - Error state - Refresh after action - Correct badge/status - Correct action buttons - Correct permissions Document any missing functionality. --- ## UI / UX Review Inspect - spacing - typography - button consistency - icon consistency - table layout - mobile responsiveness - accessibility - keyboard navigation - focus state - color consistency List all UI inconsistencies. --- ## Code Quality Review Inspect - folder structure - duplicated code - reusable components - React patterns - TanStack Query usage - TanStack Table usage - Server Component vs Client Component - unnecessary rerenders - TypeScript typing - validation - naming conventions - imports - dead code - unused files Do not change anything. --- ## Security Review Inspect - role validation - authentication - authorization - server-side validation - API protection - hidden actions - direct URL access - input validation --- ## Performance Review Inspect - unnecessary rendering - query invalidation - cache usage - pagination strategy - N+1 queries - loading optimization - memoization - lazy loading --- ## Permission Review Verify every role. Example Employee ## Can View: ## Can Edit: ## Can Delete: HRD Can ... Admin IT Can ... Document any incorrect permissions. --- ## Data Validation Check - nullable fields - required fields - incorrect defaults - inconsistent status - incorrect enum usage --- ## API Review Inspect - query - mutation - error handling - response type - loading - retry - cache invalidation --- ## Report Create docs/review/pending-review-audit.md The report must contain # Pending Review Audit Report ## Summary Overall Status - Excellent - Good - Needs Improvement - Critical --- ## Architecture Review ... --- ## UI Review ... --- ## UX Review ... --- ## Permission Review ... --- ## Functional Review Checklist | Feature | Status | Notes | | ------- | ------ | ----- | --- ## Code Quality Review ... --- ## Security Review ... --- ## Performance Review ... --- ## Problems Found Priority Critical High Medium Low For each issue include - Description - File - Component - Reason - Impact --- ## Recommendations Only provide recommendations. Do NOT implement them. --- ## Missing Features List missing features. --- ## Final Score Architecture: /10 UI: /10 UX: /10 Performance: /10 Security: /10 Maintainability: /10 Overall: /10 --- IMPORTANT - Read Only - No source code modifications - No automatic fixes - No refactoring - No formatting changes - Produce documentation only