ai-governance

Solid

Validates framework compliance, ownership boundaries, risk acceptance lifecycle, and manifest integrity for regulated environments. Trigger for 'are quality gates enforced', 'who owns this file', 'formally accept a known risk', 'pre-release compliance check', 'governance report for auditors'. Not for code quality; use /ai-verify instead. Not for security scanning; use /ai-security instead — this validates governance process, not code content.

AI & Automation 52 stars 3 forks Updated 4 days ago MIT

Install

View on GitHub

Quality Score: 89/100

Stars 20%

Recency 20%

100

Frontmatter 20%

Documentation 15%

100

Issue Health 10%

License 10%

100

Description 5%

100

Skill Content

# Governance ## Quick start ``` /ai-governance # compliance mode (default) /ai-governance all # all four modes /ai-governance risk accept # accept a new risk (TTL by severity) /ai-governance integrity # framework consistency check /ai-governance --report # formal report (score + verdict) ``` ## Workflow Compliance validation for regulated industries. Default mode is `compliance`. Pick a mode, run the checks, surface findings; with `--report`, generate a scored audit document. 1. **compliance** — verify quality-gate enforcement (hooks, CI workflows, non-negotiables, security contract). 2. **ownership** — map files to ownership zones (framework / team / project / system); verify modification history. 3. **risk** — record / resolve / renew risk acceptances in `decision-store.json` with severity-based TTL. 4. **integrity** — manifest counters vs disk reality; agent-skill cross-refs; state-file schemas. > Detail: see [the four modes (compliance/ownership/risk/integrity)](references/modes.md), [OPA policy-engine integration](references/policy-engine.md), [`--report` format and scoring](references/formal-report.md). ## When to Use - Governance audit, pre-release check, post-install verification. - NOT for code quality — use `/ai-verify quality`. - NOT for security scanning — use `/ai-security`. Step 0 (load contexts): read `.ai-engineering/manifest.yml` `providers.stacks`; load `.ai-engineering/overrides/<stack>/conventions.md` for each stack a...

Details

Author: arcasilesgroup
Repository: arcasilesgroup/ai-engineering
Created: 4 months ago
Last Updated: 4 days ago
Language: Python
License: MIT

Similar Skills

Semantically similar based on skill content — not just same category

AI & Automation Solid

ai-security

Runs security gates: SAST with OWASP/CWE mapping, dependency vulnerability scans, secret detection, SBOM generation for compliance, pre-release security verdict. Trigger for 'is this secure', 'audit dependencies', 'check for secrets', 'security report', 'is this package safe', 'compliance review'. Not for governance process; use /ai-governance instead. Not for runtime payload inspection; use prompt-injection-guard hook instead.

52 Updated 4 days ago

arcasilesgroup

AI & Automation Listed

governance

Enforces engineering standards and code quality policies. Use during code reviews, before commits, when discussing standards or compliance, for quality audits, and when running retrospectives. Trigger phrases include 'run a retro', 'retrospective', 'code review', 'run review', or 'audit standards'.

0 Updated today

Miyamura-sudo

AI & Automation Listed

governance-audit-practice

Use when conducting a governance audit — detecting semantic drift in governance constraints, inventorying governance debt, checking three-frame alignment, or when the governance-auditor agent needs methodology for deep investigation.

34 Updated today

Habitat-Thinking