governance-core 0.1.0__tar.gz

governance_core-0.1.0/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 napheir
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

governance_core-0.1.0/PKG-INFO

@@ -0,0 +1,147 @@
+Metadata-Version: 2.4
+Name: governance-core
+Version: 0.1.0
+Summary: Reusable multi-agent governance infrastructure (hooks + proposal + wrap-up + constitution iteration) extracted from agent-core (P-0059).
+Author: agent-core core agent
+License: MIT
+Keywords: claude-code,multi-agent,governance,proposal,hooks
+Classifier: Development Status :: 3 - Alpha
+Classifier: Intended Audience :: Developers
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Requires-Python: >=3.11
+Description-Content-Type: text/markdown
+License-File: LICENSE
+Requires-Dist: filelock>=3.12
+Requires-Dist: python-frontmatter>=1.0
+Requires-Dist: PyYAML>=6.0
+Provides-Extra: dev
+Requires-Dist: pytest>=7.0; extra == "dev"
+Requires-Dist: pytest-cov>=4.0; extra == "dev"
+Requires-Dist: black>=23.0; extra == "dev"
+Requires-Dist: ruff>=0.1.0; extra == "dev"
+Dynamic: license-file
+
+# governance-core
+
+[![PyPI](https://img.shields.io/badge/PyPI-0.1.0a0-blue)](https://pypi.org/project/governance-core/)
+[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](LICENSE)
+
+**Reusable multi-agent governance infrastructure for Claude Code projects.**
+
+Drop-in package providing a complete governance layer (constitution clauses,
+safety hooks, proposal workflow, wrap-up discipline, cross-clone sync) so
+you can focus on your project's business logic instead of re-inventing
+multi-agent coordination from scratch.
+
+## What you get
+
+Install this package + run `governance-core install` in a new project, and
+your project immediately has:
+
+- **5 safety hooks** (PreToolUse + PostToolUse): scope-guard, edit-write-guard,
+  session-boundary-guard, command-guard, sensitive-data-guard — all configurable
+  via `.governance/config.json`
+- **Proposal workflow** (`/proposal` skill): classify gate, draft / submit /
+  approve / complete / archive state machine with audit trail
+- **Wrap-up discipline** (`/wrap-up` skill): STATE.md + git + knowledge
+  publishing + skill learning in one command
+- **Constitution iteration** (`/iterate-constitution` skill): structured
+  constitutional change workflow with red-line audit
+- **Cross-clone coordination** (`/sync-infra`, `/sync-repos`): physical-files
+  sync + cross-repo git operations
+- **17 constitution clauses** (`art_00`..`art_16` + appendix) covering ritual,
+  config management, contracts, scope governance, test/prod unification,
+  git discipline, artifacts, constitutional protection, wrap-up discipline,
+  memory staleness, etc.
+
+## Quick start
+
+This package is one half of a 2-piece distribution. The other half is
+[multi-agent-template](https://github.com/napheir/multi-agent-template) — a
+cookiecutter template + bootstrap CLI that generates a new project skeleton.
+
+Typical workflow:
+
+```bash
+# One-time setup (per machine)
+pip install cookiecutter
+pip install governance-core
+pip install multi-agent-bootstrap
+
+# Per-project: one-line bootstrap
+multi-agent-bootstrap new my-project \
+    --agents core,data \
+    --ritual-phrase "Acknowledged"
+
+# Verify
+cd ~/workshop-claude/my-project
+governance-core doctor --project-root .
+```
+
+See [docs/architecture.md](docs/architecture.md) for the full picture
+(generic vs business boundary, config injection mechanism, upgrade flow,
+cross-clone coordination).
+
+## Standalone CLI usage
+
+You can also install governance-core directly into an existing multi-agent
+project (without cookiecutter):
+
+```bash
+cd /path/to/your/project
+pip install governance-core
+
+# Write .governance/config.json with your project config
+mkdir -p .governance
+cat > .governance/config.json <<EOF
+{
+  "project_name": "my-project",
+  "ritual_phrase": "OK",
+  "core_agent_name": "core",
+  "agents": [
+    {"name": "core", "branch": "master", "clone_dir": "agent-core"}
+  ]
+}
+EOF
+
+# Render clauses + install hooks/skills
+governance-core install --project-root .
+
+# Validate
+governance-core doctor --project-root .
+```
+
+Subsequent updates: `git pull` this repo, `pip install -e . --upgrade`,
+then `governance-core upgrade --project-root /path/to/your/project` (this
+preserves your `.governance/config.json` but refreshes clauses/hooks/skills).
+
+## Example content disclaimer
+
+Some clauses and knowledge docs in this package contain examples drawn from
+the **upstream project** where governance-core was first developed (domain
+terminology, pipeline names, broker/API references, agent name conventions).
+These are **explanatory examples**, not requirements. Your project's
+`.governance/config.json` supplies its own agent names, ritual phrase, and
+clause keywords; the package's logic is project-agnostic.
+
+A v1.0 release will template-ize all example tables; v0.1.0 ships with
+disclaimers attached to mixed clauses and methodology docs.
+
+## Project status
+
+**v0.1.0-alpha** (2026-05):
+- API may break between minor versions (0.1.x)
+- Stable from 1.0.0 onwards
+- Bug reports + PRs welcome
+
+## License
+
+MIT — see [LICENSE](LICENSE).
+
+## Related
+
+- [multi-agent-template](https://github.com/napheir/multi-agent-template) —
+  companion cookiecutter template + bootstrap CLI
+- Trade Agent (the project where this package was first developed) — private

governance_core-0.1.0/README.md

@@ -0,0 +1,122 @@
+# governance-core
+
+[![PyPI](https://img.shields.io/badge/PyPI-0.1.0a0-blue)](https://pypi.org/project/governance-core/)
+[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](LICENSE)
+
+**Reusable multi-agent governance infrastructure for Claude Code projects.**
+
+Drop-in package providing a complete governance layer (constitution clauses,
+safety hooks, proposal workflow, wrap-up discipline, cross-clone sync) so
+you can focus on your project's business logic instead of re-inventing
+multi-agent coordination from scratch.
+
+## What you get
+
+Install this package + run `governance-core install` in a new project, and
+your project immediately has:
+
+- **5 safety hooks** (PreToolUse + PostToolUse): scope-guard, edit-write-guard,
+  session-boundary-guard, command-guard, sensitive-data-guard — all configurable
+  via `.governance/config.json`
+- **Proposal workflow** (`/proposal` skill): classify gate, draft / submit /
+  approve / complete / archive state machine with audit trail
+- **Wrap-up discipline** (`/wrap-up` skill): STATE.md + git + knowledge
+  publishing + skill learning in one command
+- **Constitution iteration** (`/iterate-constitution` skill): structured
+  constitutional change workflow with red-line audit
+- **Cross-clone coordination** (`/sync-infra`, `/sync-repos`): physical-files
+  sync + cross-repo git operations
+- **17 constitution clauses** (`art_00`..`art_16` + appendix) covering ritual,
+  config management, contracts, scope governance, test/prod unification,
+  git discipline, artifacts, constitutional protection, wrap-up discipline,
+  memory staleness, etc.
+
+## Quick start
+
+This package is one half of a 2-piece distribution. The other half is
+[multi-agent-template](https://github.com/napheir/multi-agent-template) — a
+cookiecutter template + bootstrap CLI that generates a new project skeleton.
+
+Typical workflow:
+
+```bash
+# One-time setup (per machine)
+pip install cookiecutter
+pip install governance-core
+pip install multi-agent-bootstrap
+
+# Per-project: one-line bootstrap
+multi-agent-bootstrap new my-project \
+    --agents core,data \
+    --ritual-phrase "Acknowledged"
+
+# Verify
+cd ~/workshop-claude/my-project
+governance-core doctor --project-root .
+```
+
+See [docs/architecture.md](docs/architecture.md) for the full picture
+(generic vs business boundary, config injection mechanism, upgrade flow,
+cross-clone coordination).
+
+## Standalone CLI usage
+
+You can also install governance-core directly into an existing multi-agent
+project (without cookiecutter):
+
+```bash
+cd /path/to/your/project
+pip install governance-core
+
+# Write .governance/config.json with your project config
+mkdir -p .governance
+cat > .governance/config.json <<EOF
+{
+  "project_name": "my-project",
+  "ritual_phrase": "OK",
+  "core_agent_name": "core",
+  "agents": [
+    {"name": "core", "branch": "master", "clone_dir": "agent-core"}
+  ]
+}
+EOF
+
+# Render clauses + install hooks/skills
+governance-core install --project-root .
+
+# Validate
+governance-core doctor --project-root .
+```
+
+Subsequent updates: `git pull` this repo, `pip install -e . --upgrade`,
+then `governance-core upgrade --project-root /path/to/your/project` (this
+preserves your `.governance/config.json` but refreshes clauses/hooks/skills).
+
+## Example content disclaimer
+
+Some clauses and knowledge docs in this package contain examples drawn from
+the **upstream project** where governance-core was first developed (domain
+terminology, pipeline names, broker/API references, agent name conventions).
+These are **explanatory examples**, not requirements. Your project's
+`.governance/config.json` supplies its own agent names, ritual phrase, and
+clause keywords; the package's logic is project-agnostic.
+
+A v1.0 release will template-ize all example tables; v0.1.0 ships with
+disclaimers attached to mixed clauses and methodology docs.
+
+## Project status
+
+**v0.1.0-alpha** (2026-05):
+- API may break between minor versions (0.1.x)
+- Stable from 1.0.0 onwards
+- Bug reports + PRs welcome
+
+## License
+
+MIT — see [LICENSE](LICENSE).
+
+## Related
+
+- [multi-agent-template](https://github.com/napheir/multi-agent-template) —
+  companion cookiecutter template + bootstrap CLI
+- Trade Agent (the project where this package was first developed) — private

governance_core-0.1.0/governance_core/__init__.py

@@ -0,0 +1,6 @@
+"""governance-core — reusable multi-agent governance infrastructure.
+
+P-0059 Phase 1 skeleton. Generic resources to be migrated in Phase 1.2-1.4.
+"""
+
+__version__ = "0.1.0"

governance_core-0.1.0/governance_core/agent_rules/shared.allow_commands.txt

@@ -0,0 +1,34 @@
+# Read-only Git (no extra confirmation needed)
+prefix:git status
+prefix:git diff
+prefix:git log
+prefix:git branch -l
+prefix:git branch --list
+prefix:git branch -r
+prefix:git branch -a
+prefix:git show
+
+# Testing and validation
+prefix:python -m pytest
+prefix:python tools/check_scope.py
+prefix:python tools/post_turn_verify.py
+
+# Port check (network precheck commands)
+prefix:python -c "import socket
+
+# Safe rm into well-known temp / cache locations
+# (these bypass shared.deny_commands_regex.txt wide rm pattern; see
+# proposals/harden_destructive_command_guard.md sec.2.2b)
+prefix:rm /tmp/
+prefix:rm -f /tmp/
+prefix:rm -rf /tmp/
+prefix:rm -f ~/.claude/cache/
+prefix:rm -rf ~/.claude/cache/
+prefix:rm -f *.tmp
+prefix:rm -f *.log
+prefix:rm -rf __pycache__/
+prefix:rm -rf .pytest_cache/
+
+# Windows del equivalents
+prefix:del /q *.tmp
+prefix:del /q *.log

governance_core-0.1.0/governance_core/agent_rules/shared.deny.txt

@@ -0,0 +1,2 @@
+common/
+.baseline_commit

governance_core-0.1.0/governance_core/agent_rules/shared.deny_commands.txt

@@ -0,0 +1,51 @@
+# Dangerous Git operations
+git push --force
+git push -f
+git reset --hard
+git clean -fd
+
+# Git remote-branch destruction (delete remote branches)
+git push origin :
+git push origin --delete
+git push --delete
+
+# Git history rewrite
+git filter-branch
+git reflog expire
+git update-ref -d
+
+# Dangerous file operations
+rm -rf /
+rm -rf ~
+rm -rf .
+
+# .git dir attacks (literal; path variants in shared.deny_commands_regex.txt)
+rm -rf .git
+
+# Find-delete pattern
+find . -delete
+
+# Windows shell raw destructive forms
+del /F /S /Q
+del /S /Q
+del /Q /F
+del /Q /S
+Remove-Item -Recurse -Force
+Remove-Item -Force -Recurse
+
+# Database destructive operations (uppercase)
+DROP TABLE
+DROP DATABASE
+TRUNCATE
+
+# Database destructive operations (common-case variants;
+# regex layer also has case-insensitive coverage in deny_commands_regex.txt)
+drop table
+Drop Table
+drop database
+Drop Database
+truncate table
+Truncate Table
+
+# External broker trade-unlock commands (only the trade-role agent may unlock, globally denied here)
+unlock_trade

governance_core-0.1.0/governance_core/agent_rules/shared.deny_commands_regex.txt

@@ -0,0 +1,61 @@
+# Regex deny patterns for command-guard.py Layer 1.5.
+#
+# Format: one Python regex per line. Blank lines and lines starting with # ignored.
+# Patterns are applied via re.search() so they match anywhere in the command.
+# Commands matching shared.allow_commands.txt prefix list (Layer 0.5) bypass
+# this layer entirely — that is the wide-rm + prefix-whitelist tradeoff
+# discussed in proposals/harden_destructive_command_guard.md sec.2.2 / sec.8 Q1.
+#
+# Bad regex in this file = fail-closed (block all commands, surface error).
+
+# rm -rf with any path argument that is not whitelisted
+# (catches absolute Windows paths, $HOME, ../, ./*, etc.)
+^\s*rm\s+(-[rRfF]+\s+)+[^|;&]*[\w./~$]
+^\s*sudo\s+rm\s+-
+
+# Force push variants (force-with-lease included; --force=anything)
+\bgit\s+push\b.*--force(-with-lease)?\b
+\bgit\s+push\b.*\s-f\b
+\bgit\s+push\b.*\s:\S+
+\bgit\s+push\b.*--delete\b
+
+# Branch / tag / remote destruction
+\bgit\s+branch\s+-D\b
+\bgit\s+tag\s+-d\b
+\bgit\s+remote\s+(rm|remove)\b
+
+# History rewriting that may not match exact literal forms
+\bgit\s+gc\b.*--prune=now
+\bgit\s+update-ref\s+-d\b
+
+# Case-insensitive SQL destruction (covers lowercase + title-case)
+(?i)\b(drop|truncate)\s+(table|database|schema)\b
+(?i)\bdelete\s+from\s+\w+\s*(;|--|$)
+
+# SQL TRUNCATE without explicit "table" keyword (some dialects accept
+# TRUNCATE <name>;). Distinguishes from unix `truncate -s SIZE FILE`
+# by requiring no `-` arg (unix truncate needs -s flag).
+(?i)\btruncate\s+\w+\s*(;|$)
+
+# find . -delete in any path-arg permutation (catches -type f -delete etc.)
+\bfind\b.*\s-delete\b
+
+# PowerShell Remove-Item with -Force or -Recurse, any order/casing.
+# Covers both PS5.1 (powershell.exe) and PS7 (pwsh) since the cmdlet name
+# is identical.
+(?i)\bRemove-Item\b.*(-Recurse|-Force)
+(?i)\bRemove-Item\b.*-r\w*\s.*-f\w*
+
+# Windows del with destructive flag combinations
+(?i)\bdel\b.*(/s|/q|/f).*(/s|/q|/f)
+
+# Redirect-truncate of sensitive files (.env, .git/, *.db, *.sqlite, config/)
+^\s*(:|cat\s+/dev/null|true|echo\s*)\s*>\s*\S+
+^\s*>\s*\S*(\.env|\.git/|\.db|\.sqlite|config/)
+
+# rm targeting .git directory anywhere (path-variant of literal above)
+\brm\s+(-[rRfF]+\s+)*\S*\.git(/|\b)
+
+# Disk-level destruction (defense in depth, low likelihood)
+\bdd\s+if=.*of=/dev/
+\bmkfs\.\w+\b

governance_core-0.1.0/governance_core/agents/README.md

@@ -0,0 +1,3 @@
+# governance_core/agents
+
+Generic agent role definitions — migrated in Phase 1.3.

governance_core-0.1.0/governance_core/agents/core-auditor.md

@@ -0,0 +1,90 @@
+---
+name: core-auditor
+description: 项目治理、测试体系、安全审计
+theme: universal
+owner: core
+tools:
+  - Read
+  - Write
+  - Bash
+  - Grep
+---
+
+# Core Auditor
+
+你是项目治理与质量保证专家，负责跨 agent 审计和测试体系维护。
+
+## 核心职责
+1. Scope 合规审计 — 运行 `tools/check_scope.py` 验证 agent 遵守 scope 规则
+2. 契约演进审计 — 审查 `contracts/` 变更的向后兼容性和 SemVer 遵守
+3. 配置安全审计 — 检查 `config/` 中的敏感信息泄漏和硬编码违规
+4. P0-P4 测试体系 — 维护五层测试金字塔（契约/集成/版本化/E2E/每日回归）
+5. Git 纪律审计 — 验证 Conventional Commits、分支策略、.gitignore
+
+## 工作范围
+- 可修改: `tests/`, `tools/`, `contracts/`, `agent_rules/`, `config/`, `audit/`, `common/`, `skills/`, `agents/`, `.claude/`
+- 可读取: 所有仓库（core 拥有治理权限）
+
+## 当前分支
+master
+
+## 关键工具
+- `python tools/check_scope.py --agent <name>` — scope 验证
+- `python tools/audit_sub_constitutions.py` — 子宪法审计
+- `python tools/run_daily_regression.py` — P4 每日回归测试
+- `pytest tests/` — P0-P3 测试
+
+## 审计输出
+- 审计报告: `audit/`
+- 测试报告: `artifacts/daily_tests/`
+- 测试手册: `tests/daily/MANUAL.md`
+
+## 阶段总结 — Notion 操作手册（Core 专属）
+
+宪法第十四条要求通过 `/wrap-up` skill 完成阶段总结。Core 在 skill 第 3 步（Notion 更新）
+需按以下操作细节执行。子宪法扩展点（宪法 14.x 末行授权）。
+
+### 负责页面
+
+| 手册 | Notion Page ID | 说明 |
+|------|---------------|------|
+| 测试操作手册 | `32852783-35f3-8151-95e6-c07e3622d850` | 质量保证测试体系（P0-P4）、测试用例、Baseline 管理、报告阅读 |
+
+（其他 agent 的手册由各自 agent 维护，不属于 core 更新职责。）
+
+### 触发条件（满足任一即需更新）
+
+1. 增加或修改测试用例（tests/ 目录下新增 `test_*.py` 或修改现有测试）
+2. 更新 Baseline metrics（重新捕获 baseline.json）
+3. 修改测试架构（P0-P4 层级变更、新增 stage）
+4. 更新测试手册文档（`tests/daily/MANUAL.md`）
+
+### 更新内容
+
+- **核心使用方法**：pytest 命令、门禁脚本、baseline 捕获命令
+- **测试范围**：各 stage 测试数量（S3/S5/S6/S9/Pipeline/Infrastructure）
+- **Baseline Metrics**：当前 baseline 值和容忍度范围
+- **最后更新时间**：当前日期
+
+### 更新流程
+
+1. Core agent 在完成测试相关变更后，**自动**调用 Notion MCP 工具
+2. 使用 `mcp__notion__API-patch-block-children` 更新页面内容
+3. 更新失败时，在 STATE.md 中记录原因，**不得跳过**
+4. 更新成功后，在 skill 输出的 checklist 中标记 `[x] Notion 已更新`
+
+### 跳过判定
+
+本阶段不满足上述任一触发条件时（如纯治理改动、scope 调整、基础设施建设），
+在 skill checklist 标记 `Notion 跳过（原因: <具体触发条件不满足>）`。
+
+### 禁止行为
+
+- 提示用户手动更新 Notion
+- 跳过 Notion 更新而继续下一任务
+- 仅更新 MANUAL.md 而不同步到 Notion
+
+### 内容规范
+
+仅记录面向用户的**操作入口**：命令用法、参数说明、典型示例。
+不记录内部实现细节。

governance_core-0.1.0/governance_core/agents/design-system-owner.md

@@ -0,0 +1,109 @@
+---
+name: design-system-owner
+description: Dashboard Design System visual consistency and component library management (shared role)
+theme: universal
+owner: core
+tools:
+  - Read
+  - Write
+  - Bash
+  - Grep
+  - mcp__pencil__get_editor_state
+  - mcp__pencil__open_document
+  - mcp__pencil__get_guidelines
+  - mcp__pencil__get_style_guide_tags
+  - mcp__pencil__get_style_guide
+  - mcp__pencil__get_variables
+  - mcp__pencil__set_variables
+  - mcp__pencil__find_empty_space_on_canvas
+  - mcp__pencil__batch_get
+  - mcp__pencil__batch_design
+  - mcp__pencil__get_screenshot
+  - mcp__pencil__snapshot_layout
+  - mcp__pencil__search_all_unique_properties
+  - mcp__pencil__replace_all_matching_properties
+---
+
+# Design System Owner
+
+You are the Dashboard Design System Owner, responsible for visual consistency, component library management, and Pencil design prototypes.
+
+This is a **shared role** synced from agent-core to all agent clones.
+Primary executor: data agent. Design principles apply to all agents doing UI work.
+
+## Core Responsibilities
+
+1. **Pencil Design Prototypes**: Use Pencil MCP tools to create and iterate page-level designs
+2. **Design Token Management**: Color, typography, spacing, shape token definition and maintenance
+3. **Component Library Management**: UI primitives and business component creation, review, evolution
+4. **Design Reference Maintenance**: `/design` page as the single visual reference for the Design System
+5. **Design Review**: Ensure new/modified components comply with Design System standards
+
+---
+
+## Core Principle: Design Reference is the Single Source of Truth
+
+**Design Reference (.pen design files) is the authoritative source for all visual implementations.**
+
+- Frontend code (TSX, theme.ts) is merely one implementation of the Design Reference
+- **Never** skip Design Reference and reverse-engineer specs from frontend code or screenshots
+- **Never** start coding when Design Reference has specification gaps
+
+---
+
+## Design Flow (Design-then-Code)
+
+```
+[User requirement]
+    -> Describe new feature/page/improvement
+[Design Agent -> Pencil prototype]     <- Create complete Design Reference in .pen file
+    -> User reviews in Pencil
+[Confirm design]                       <- get_screenshot validation, no spec gaps
+    ->
+[Data Agent -> React implementation]   <- Code strictly based on Design Reference
+    ->
+[npm run build + compare against Design Reference]
+```
+
+---
+
+## HK Color Convention (Mandatory)
+
+- **Red = Up/Profit**: `#e53935` (consistent with mainland China/Japan/Korea, opposite to US)
+- **Green = Down/Loss**: `#43A047`
+- CALL options = red family, PUT options = green family
+
+---
+
+## Design Tokens
+
+| Code Token | Pencil Variable | Description |
+|-----------|-----------------|-------------|
+| CSS `--background` | `$--background` | Page background |
+| CSS `--card` | `$--card` | Card background |
+| CSS `--foreground` | `$--foreground` | Primary text |
+| CSS `--muted-foreground` | `$--muted-foreground` | Secondary text |
+| CSS `--border` | `$--border` | Border color |
+| CSS `--primary` | `$--primary` | Primary accent |
+
+---
+
+## Key References
+
+- Design principles: `knowledge/design/design-principles.md`
+- Component catalog: `knowledge/design/component-catalog.md`
+- Design files: `analysis/dashboard/design/dashboard.pen` (data branch)
+- Component reference: `research/references/claude-code-source/src/components/design-system/` (research branch)
+- Design showcase: `analysis/dashboard/frontend/src/app/design/page.tsx` (data branch)
+
+---
+
+## Tech Stack
+
+| Layer | Technology | Location |
+|-------|-----------|----------|
+| Design Tool | Pencil (MCP) | `.pen` files |
+| Framework | Next.js (App Router) | `analysis/dashboard/frontend/` |
+| UI | shadcn/ui + Radix UI | `components/ui/` |
+| Charts | Recharts | All data visualization |
+| Types | TypeScript (strict) | Zero TS errors as compliance gate |

governance_core-0.1.0/governance_core/clauses/README.md

@@ -0,0 +1,3 @@
+# governance_core/clauses
+
+Generic constitution clauses (art_*.md) — migrated in Phase 1.3.

governance_core-0.1.0/governance_core/clauses/art_00_ritual.md

@@ -0,0 +1,16 @@
+---
+clause_id: art_00_ritual
+clause_class: constitution-clause
+extracted_from: agent-core CLAUDE.md (9f31024b)
+source_constitution: constitution/total.md
+generic_status: generic
+phase_2_action: ready-to-use
+---
+
+## 第零条：仪式
+
+
+执行任何任务时，第一句话必须是 **"如君所愿"**。
+这是确认 Agent 已读取本宪法的信号。
+
+---