Services
DatabaseSchedulerLibrarianBoard

Governance

Constitution v1.5.1 · 16 Laws · 14 Gates · 9 enforced at runtime

Runtime Violations (24h)

The 16 Constitutional Laws

Immutable governance principles that bind all agents. No agent may override these without explicit human approval.

1Evidence on Every Runenforced

Every agent shift produces observable evidence -- logs, cost entries, audit events. Silence is a failure mode. No run completes without a trace.

2No Agent Writes to Production Without Reviewenforced

All code merges, deploys, and production-facing changes require review by a different agent or human. No self-service to prod.

3No Self-Review, Provider Separationenforced

Code writers (Claude), code reviewers (GPT-4o), and verifiers (Groq/Llama) use different LLM providers. Prevents monoculture failures.

4Cost Caps Enforcedenforced

CFO runs first, every cycle. No agent can spend beyond its $2/day cap. Daily fleet cap is $20. CFO suspension is binding.

5Human Escalation for Ambiguous Decisionsenforced

When confidence is low or the action is irreversible, agents must escalate to human review. Autonomy has guardrails.

6Immutable Audit Trailenforced

All agent shifts are logged. All costs are tracked. All merges and deployments produce observable events. Audit events cannot be deleted by agents.

7Human Override Always Worksenforced

Any action an agent can take autonomously can be overridden by a human at any time. SCHEDULER_DISABLED=true kills everything.

8Secrets Never in Codeenforced

API keys, tokens, and credentials are never written to files, logs, or messages. Railway is the only secrets store. scan_secrets.sh gate at PR time.

9SLA Enforcementenforced

PR review SLA: 24h maximum. Escalations must be acknowledged within 6h. Stalled agents (>24h) are flagged by Ops Manager.

10Single Source of Truthenforced

Agent definitions, governance rules, and authoritative decisions live in the GitHub repo. Agents do not modify their own SKILL.md files.

11Budget Sovereigntyenforced

The CFO agent has binding authority over budget enforcement. No agent may override a CFO suspension. Budget is law.

12Constitution is Immutableenforced

No agent can modify .governance/, SOP files, or the Constitution without explicit human approval. Protected paths enforced.

13Report Contract Validationenforced

All agent reports must conform to the report schema. Invalid reports are rejected and the agent is flagged for remediation.

14Handoff Receipt Confirmationenforced

Agent-to-agent handoffs require explicit receipt confirmation. Unreceipted handoffs trigger escalation after timeout.

15No Hardcoded Secretsenforced

Protected paths enforced in github-tools.js. scan_secrets.sh gate at PR time. No exceptions. Violations block merge.

16Double-Dispatch Preventionenforced

No two instances of the same agent may run simultaneously. The runningAgents map prevents double-dispatch at the scheduler level.

14-Gate Enforcement Pipeline
9 enforced1 PR-time4 honor-based

Every agent action passes through this pipeline. Gates are ordered by enforcement phase: code, CI, runtime, policy.

G01Branch namingcodeenforced
G02Protected path checkcodeenforced
G03Secrets scancipr-time
G04Provider separation (Law 3)runtimeenforced
G05No self-review (Law 2)policyhonor
G06Budget gate (per-agent)runtimeenforced
G07Daily budget capruntimeenforced
G08Double-dispatch guardruntimeenforced
G09PR review PASS thresholdcodeenforced
G10Deploy without verify gatepolicyhonor
G11Email send approval (Agent 01)policyhonor
G12Agent 17 suspension exclusionspolicyhonor
G13Report contract validationruntimeenforced
G14Handoff receipt confirmationruntimeenforced

Where Things Live

Authoritative file locations for governance artifacts. The GitHub repo is the single source of truth.

Constitutional Lawsgov/sops/SOP-001.md

The 16 laws that govern all agent behavior

Governance Gatesgov/.governance/GATES/

14-gate enforcement pipeline definitions

Contract Schemasgov/.governance/CONTRACTS/

Report schemas, handoff schemas, cost schemas

Master Plangov/MASTER_PLAN.md

Strategic roadmap and milestone definitions

Agent SKILL.md filesdata/agents/*/SKILL.md

Per-agent capability definitions and constraints

Audit EventsPostgreSQL audit_events table

Every control plane action is logged here

How to Update the Constitution

The amendment process ensures governance changes are deliberate, reviewed, and traceable.

Step 1

Propose

Draft a change to the Constitution, SOP, or gate definition. Document the rationale and expected impact.

Step 2

Review

Open a PR against the governance repo. Requires review from at least one human and one cross-provider AI reviewer.

Step 3

Approve

Human (Ethan) must explicitly approve. No agent may approve governance changes. Protected path enforcement blocks unauthorized merges.

Step 4

Merge & Deploy

Merge to main. Governance changes propagate to all agents on next cycle. Audit event is recorded. Version is bumped.

Honor-Based Controls -- Risk Inventory

These controls exist in SKILL.md instructions but have no hard runtime enforcement.

The following controls are agent-policed. Agents are expected to comply, but there is no gate that prevents violation:

  • G05: Agent 06 reviewing its own code (provider separation enforces indirectly)
  • G10: Agent 10 deploying without Agent 07 PASS gate
  • G11: Agent 01 sending email without Ethan approval
  • G12: Agent 17 suspending Agents 01, 07, or 10
  • Agent 16 acting without a clear fix (self-regulated threshold)

Phase 3 roadmap: Add audit log triggers and notification gates for highest-risk honor-based actions. Agent 06 merges and Agent 10 deploys will get hard enforcement via webhook-based approval flows.

Hardening Checklist4 / 8 complete

Audit logging (all mutations)

audit_events table -- incidents, suspensions, dispatches, escalation resolves

done
Input validation (API routes)

All POST routes validate required fields; SQL parameterized queries throughout

done
Budget enforcement (per-agent caps)

CFO Agent 17 + /api/budget/caps -- $2/agent/day, $20/fleet/day

done
Secrets management

Railway env vars only -- no secrets in code, scan_secrets.sh CI gate

done
Rate limiting (API routes)

No middleware rate limiter -- Vercel edge limits apply but no app-level throttle

pending
Auth hardening (session identity)

All actions attributed to "ethan" hardcoded -- NextAuth is in place but session identity not wired to audit events yet

pending
CORS policy

No explicit CORS headers -- relies on Next.js same-origin defaults

pending
CSP / security headers

No Content-Security-Policy, X-Frame-Options, or Strict-Transport-Security headers configured

pending