project-governance
Create and maintain project constitutions and agent instruction files. Use when establishing coding standards, adding project rules, creating agent guidance files, syncing rules across agents, or improving AI agent consistency. Also supports RFC/ADR documents for formalizing technical decisions that feed into the constitution.
Best use case
project-governance is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Create and maintain project constitutions and agent instruction files. Use when establishing coding standards, adding project rules, creating agent guidance files, syncing rules across agents, or improving AI agent consistency. Also supports RFC/ADR documents for formalizing technical decisions that feed into the constitution.
Teams using project-governance should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/project-governance/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How project-governance Compares
| Feature / Agent | project-governance | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Create and maintain project constitutions and agent instruction files. Use when establishing coding standards, adding project rules, creating agent guidance files, syncing rules across agents, or improving AI agent consistency. Also supports RFC/ADR documents for formalizing technical decisions that feed into the constitution.
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
# Project Governance Create, modify, and maintain project constitutions and agent instruction files that guide AI agents. Also supports RFC/ADR documents for formalizing technical decisions. ## Quick Start ### Create a constitution ```bash # Analyze the project, then create oak/constitution.md # See references/constitution-guide.md for the full process ``` ### Create agent instruction files ```bash oak-dev rules detect-existing # Discover all configured agent instruction files oak-dev rules sync-agents # Sync constitution references to all agent files ``` ## Commands Reference | Command | Purpose | |---------|---------| | `oak-dev rules detect-existing` | Discover all configured agent instruction files | | `oak-dev rules detect-existing --json` | Machine-readable output of agent files | | `oak-dev rules sync-agents` | Sync constitution references to all agent instruction files | | `oak-dev rules sync-agents --dry-run` | Preview what files will be checked/updated | ## When to Use - **Creating a new constitution** for a project that doesn't have one - **Creating agent instruction files** for a new project (use `oak-dev rules detect-existing` to discover correct file names) - **Adding rules** when you identify patterns that should be standardized - **Syncing agent files** after constitution changes - **Learning context engineering theory** behind effective rule writing -- see `/context-engineering` for the altitude concept, canonical examples, and structured context patterns ## Constitution Structure A good constitution is **explicit, enforceable, and anchored**: | Quality | Good | Bad | |---------|------|-----| | Specificity | "All API endpoints MUST validate input using Pydantic models" | "Use best practices" | | Anchors | "Copy `src/features/auth/service.py` for new services" | "Follow good patterns" | | Non-goals | "This tool is NOT a CI/CD orchestrator" | (no boundaries) | | Gates | "`make check` must pass for all changes" | "Add tests if needed" | Required sections: Metadata, Scope and Non-Goals, Golden Paths with Anchor Index, Architecture Invariants, No-Magic-Literals, CLI Behavior, Quality Gates. See `references/constitution-guide.md` for the full structure and creation process. ## Key Workflows ### Creating agent instruction files **CRITICAL:** Do NOT guess agent file names. Always discover them dynamically. 1. **Discover** the correct file names and paths: `oak-dev rules detect-existing` 2. **Read** the output — it shows each configured agent, the expected file path, and whether the file already exists 3. **Create** only the files listed as "not found", using the exact paths from the output 4. **Content** should follow the template in `references/agent-file-good-example.md` 5. **Verify** all files are detected: `oak-dev rules detect-existing` (all should show ✓) ### Adding a rule to an existing constitution 1. **Read** the current constitution (`oak/constitution.md`) 2. **Add** the full rule to the appropriate section using RFC 2119 language (MUST, SHOULD, MAY) 3. **Sync** to all agent files: `oak-dev rules sync-agents` **CRITICAL:** Rules MUST be added to the constitution FIRST, then synced to agent files. Never add a rule only to an agent file. ## Common Anti-Patterns | Anti-Pattern | Problem | Fix | |--------------|---------|-----| | "Use best practices" | Not enforceable | Specify the practice | | "When possible" | Loophole generator | Define when it's required | | No anchors | Agents freestyle | Point to specific files | | No non-goals | Scope creep | Explicitly exclude things | | "Add tests if needed" | Permission to skip | Define coverage requirements | | "Make reasonable assumptions" | Inconsistent patterns | Say "ask if uncertain" | ## Files - Constitution: `oak/constitution.md` or `.constitution.md` - Agent files: Run `oak-dev rules detect-existing` to discover all agent instruction files - RFCs: `oak/rfc/RFC-XXX-short-title.md` ## Deep Dives For detailed guidance, consult the reference documents: ### Constitution & Agent Files - **`references/constitution-guide.md`** — Full constitution creation process and structure - **`references/constitution-good-example.md`** — Complete example of a well-structured constitution - **`references/constitution-bad-example.md`** — Anti-patterns to avoid - **`references/agent-files-guide.md`** — Creating and syncing agent instruction files - **`references/agent-file-good-example.md`** — Well-structured agent file example - **`references/agent-file-bad-example.md`** — Poorly structured agent file example ### RFCs (secondary) - **`references/creating-rfcs.md`** — Detailed RFC creation workflow - **`references/reviewing-rfcs.md`** — RFC review checklist and feedback format --- ## RFC Support RFCs formalize technical decisions that may eventually become constitution rules. This is a secondary capability — see the dedicated references for full details. ### RFC commands | Command | Purpose | |---------|---------| | `oak-dev rfc create --title "..." --template <type>` | Create a new RFC | | `oak-dev rfc list` | List all RFCs | | `oak-dev rfc validate <path>` | Validate RFC structure and content | | `oak-dev rfc show <path>` | Show RFC details | | `oak-dev rfc adopt <path>` | Mark RFC as adopted | | `oak-dev rfc abandon <path> --reason "..."` | Mark RFC as abandoned | ### RFC templates | Template | Use For | |----------|---------| | `feature` | New features, capabilities | | `architecture` | System architecture changes | | `engineering` | Development practices, tooling | | `process` | Team processes, workflows | ### RFC lifecycle 1. **Create**: `oak-dev rfc create --title "..." --template feature --author "Name"` 2. **Fill in**: Problem context, proposed solution, trade-offs, alternatives 3. **Review**: Use the review checklist (see `references/reviewing-rfcs.md`) 4. **Adopt or abandon**: `oak-dev rfc adopt <path>` or `oak-dev rfc abandon <path> --reason "..."` ### RFC review checklist (summary) - Structure: Clear title, correct status, all required sections - Context: Problem clearly stated, "why now?" addressed, scope defined - Decision: Solution clear, technical approach explained - Consequences: Positive/negative outcomes listed, mitigations proposed - Alternatives: Other options considered, reasons for rejection explained
Related Skills
playwright-cli
Automates browser interactions for web testing, form filling, screenshots, and data extraction. Use when the user needs to navigate websites, interact with web pages, fill forms, take screenshots, test web applications, or extract information from web pages.
swarm
Search across multiple projects in your organization's swarm. Use when you need cross-project patterns, org-level conventions, shared decisions, or want to know how other projects solved a problem. Complements the oak (team) skill which covers single-project knowledge. Also use when the user mentions swarm_search, swarm_fetch, swarm_nodes, swarm_status, or asks about what other teams/projects have done, cross-project dependencies, org-wide patterns, or collective knowledge across the organization.
swarm-report
Generate a cross-project comparative report from your organization's swarm. Use when you need an overview of all connected projects, want to compare activity levels, find shared patterns, or identify collaboration opportunities across teams. Also use when the user asks for a "swarm report", "cross-project analysis", "org overview", or wants to understand how projects relate to each other. Requires an active swarm connection.
pattern-finder
Find recurring code patterns, architectural decisions, and shared conventions across projects in your organization's swarm. Use when you want to discover what patterns other teams use, find candidates for shared libraries, or standardize approaches across the org. Also use when the user asks to "find patterns across projects", "what conventions do other teams follow", "shared code opportunities", or anything about org-wide code reuse. Requires an active swarm connection.
oak
Find out what happened, what was decided, and what depends on what in your codebase. Use this skill whenever you need to: recall past decisions or discussions ("what did we decide about X?"), check what might break before refactoring ("what depends on this module?"), find conceptually similar code that grep would miss ("all the retry/backoff logic"), look up past bugs, gotchas, or learnings, query session history or agent run costs, store observations about the codebase, or understand how components connect end-to-end. Powered by semantic search, memory lookup, and direct SQL against the Oak CI database (.oak/ci/activities.db). Also use when the user mentions oak_search, oak_context, oak_remember, oak_resolve_memory, or asks to run queries against activities.db or oak.
dependency-audit
Audit dependencies across projects in your organization's swarm. Use when you need to find version conflicts, outdated packages, or security risks across teams. Also use when the user asks for a "dependency audit", "version check across projects", "package alignment", or wants to standardize dependencies org-wide. Requires an active swarm connection.
context-engineering
Design effective prompts and optimize context for AI models and agents. Covers prompt engineering foundations (clarity, examples, chain of thought, XML structure), the four context engineering strategies (Write, Select, Compress, Isolate), agent memory and session patterns, and before/after examples showing measurable improvement. Use when writing system prompts, designing agent workflows, optimizing context windows, building prompt templates, structuring few-shot examples, reducing context rot, or improving AI output quality.
implementing-identity-governance-with-sailpoint
Deploy SailPoint IdentityNow or IdentityIQ for identity governance and administration. Covers identity lifecycle management, access request workflows, certification campaigns, role mining, SOD policy
burpsuite-project-parser
Searches and explores Burp Suite project files (.burp) from the command line. Use when searching response headers or bodies with regex patterns, extracting security audit findings, dumping proxy history or site map data, or analyzing HTTP traffic captured in a Burp project.
building-identity-governance-lifecycle-process
Builds comprehensive identity governance and lifecycle management processes including joiner-mover-leaver automation, role mining, access request workflows, periodic recertification, and orphaned account remediation using IGA platforms. Activates for requests involving identity lifecycle management, JML processes, role-based access provisioning, or identity governance program design.
Map Projection Skill
Category theory of map projections: functors between manifolds with distortion analysis.
project-planner
Detects stale project plans and suggests session commands. Triggers on: sync plan, update plan, check status, plan is stale, track progress, project planning.