Mandate System Overview

The Mandate System is Defiant’s governance layer. It consists of YAML rule files that define what every agent must and must not do. Mandates are versioned, auditable, and enforced at three points in the sprint lifecycle: plan time, commit time, and on demand.

Why mandates

Without a governance layer, AI agents optimize for completing the task — not for security, compliance, or consistency with your organization’s standards. Mandates encode those standards in a machine-readable format that is checked automatically on every sprint, not just when a human happens to notice.

Mandates replace a checklist that lives in someone’s head (or a document that no one reads) with a system that blocks non-compliant work before it ships.

Mandate structure

Every mandate is a YAML file in mandate-library/. Each file follows this schema:

id: mandate_7
name: Security Baseline
version: 1.2.0
category: security          # security | quality | compliance | process | architecture
severity: blocking          # blocking | warning | advisory
applies_to:                 # which agents this mandate governs
  - builder
  - reviewer
  - guardian
vertical_packs:             # which verticals activate additional rules
  - fintech
  - healthcare

rules:
  - id: no-raw-sql
    description: All database queries must use parameterized statements or an ORM.
    check: ast-pattern
    pattern: "\.query\(`|\.exec\(`|raw_sql\("
    file_pattern: "src/**/*.ts"
    action: block           # block | warn | log
    message: "Raw SQL detected at {{ file }}:{{ line }}. Use parameterized queries."

  - id: security-headers
    description: HTTP responses must include standard security headers.
    check: file-contains
    file: "src/**/*server*.ts"
    pattern: "helmet|Content-Security-Policy"
    action: block
    message: "Security headers not found. Use the helmet middleware."

  - id: no-http-in-prod
    description: No plaintext HTTP URLs in production code.
    check: regex-match
    pattern: "http://(?!localhost)"
    file_pattern: "src/**/*.ts"
    action: warn
    message: "HTTP URL found. Use HTTPS in production."

acceptance_criteria:
  - All DB queries use parameterized statements or an ORM
  - All HTTP responses include Content-Security-Policy, X-Frame-Options, X-Content-Type-Options
  - No hardcoded secrets in source files

definition_of_done:
  - mandate check exits 0
  - guardian agent finds no critical or high findings

Check types

Check type	How it works
ast-pattern	Parses TypeScript/JavaScript AST and matches node patterns
regex-match	Runs regex against file contents
file-contains	Checks whether a file contains a required pattern
file-exists	Checks whether a required file is present
json-schema	Validates a JSON file against a schema
shell-command	Runs a shell command and checks exit code
custom	References a JavaScript function in mandate-library/checks/

Enforcement points

1. Plan time (PLAN state)

The Architect validates the technical plan against all active mandates before BUILD starts. If the plan would produce non-compliant code, BUILD is blocked before any code is written.

# Architect runs internally:
defiant mandates check --plan /path/to/plan.json --project proj_01hw...

# [PASS] mandate_1: AI-native baseline
# [PASS] mandate_7: Security baseline
# [FAIL] mandate_8: Dependency hygiene
#   Rule: no-gpl-dependencies
#   Found: "gpl-library@1.2.3" in proposed dependencies
# Result: BLOCKED

2. Commit time (BUILD state)

The Builder runs mandate checks before issuing a completion certificate. Any blocking violation prevents the certificate from being issued, which prevents the sprint from advancing to SHIP.

3. On demand

# Check the current working tree against all active mandates
defiant mandates check

# Check a specific mandate
defiant mandates check --mandate mandate_7

# Check against a specific project's mandates (includes vertical pack)
defiant mandates check --project proj_01hw...

# Check a specific directory
defiant mandates check --path src/payments/

The 50 global mandates

All projects have the 50 global mandates active regardless of vertical. Here is a summary:

ID	Name	Category	Severity
mandate_1	AI-native baseline	process	blocking
mandate_2	No Defiant 1.x dependencies	architecture	blocking
mandate_3	Semantic versioning	process	warning
mandate_4	Conventional commits	process	warning
mandate_5	Monorepo structure	architecture	blocking
mandate_6	Turbo build system	architecture	blocking
mandate_7	Security baseline	security	blocking
mandate_8	Dependency hygiene (MIT/Apache/BSD only)	compliance	blocking
mandate_9	Worktree isolation	process	blocking
mandate_10	TypeScript strict mode	quality	blocking
mandate_11	No any type	quality	warning
mandate_12	Completion certificate	process	blocking
mandate_13	Test co-location	quality	blocking
mandate_14	Minimum test coverage (80%)	quality	blocking
mandate_15	No debug artifacts	quality	blocking
mandate_16	New code paths require tests	quality	blocking
mandate_17	API versioning	architecture	warning
mandate_18	Rate limiting on all public endpoints	security	blocking
mandate_19	PCI DSS patterns	compliance	blocking
mandate_20	GDPR Art. 17 deletion	compliance	blocking
mandate_21	GDPR Art. 20 portability	compliance	blocking
mandate_22	Accessibility (WCAG AA)	quality	warning
mandate_23	HIPAA audit trail	compliance	blocking
mandate_24	SOC 2 logging	compliance	blocking
mandate_25	No hardcoded secrets	security	blocking
mandate_26	Environment variable validation at startup	security	blocking
mandate_27	Parameterized queries	security	blocking
mandate_28	Output encoding	security	blocking
mandate_29	HTTPS only in production	security	warning
mandate_30	Short-lived tokens (< 24h)	security	warning
mandate_31	CORS explicit allowlist	security	blocking
mandate_32	Dependency pinning	security	warning
mandate_33	No eval or Function()	security	blocking
mandate_34	CSP header required	security	blocking
mandate_35	Error messages must not leak internals	security	blocking
mandate_36	Pagination on all list endpoints	architecture	warning
mandate_37	Idempotent mutations	architecture	warning
mandate_38	Graceful shutdown handling	quality	warning
mandate_39	Health check endpoint	quality	warning
mandate_40	Structured logging (JSON)	quality	warning
mandate_41	No synchronous file I/O in request handlers	quality	warning
mandate_42	DB connection pooling	architecture	blocking
mandate_43	Migration rollback included	quality	blocking
mandate_44	RLS on all user data tables	security	blocking
mandate_45	Webhook signature verification	security	blocking
mandate_46	No user input in shell commands	security	blocking
mandate_47	Immutable event log	architecture	blocking
mandate_48	Token budget enforcement	process	blocking
mandate_49	Handoff packet schema validation	process	blocking
mandate_50	Sprint completion certificate schema	process	blocking

See global mandates for the full YAML for each mandate.

Mandate versioning

Mandates are versioned with semantic versioning. When a mandate is updated:

• Patch (1.0.x): wording clarification only; no behavior change
• Minor (1.x.0): new advisory or warning rules added
• Major (x.0.0): new blocking rules or removal of existing rules

Projects pin to a mandate library version in their config:

~/.defiant/config.json

{
  "mandateLibraryVersion": "2.1.0",
  "mandateOverrides": {
    "mandate_22": { "severity": "blocking" }  // project-level override: escalate to blocking
  }
}

Adding custom mandates

You can add project-specific mandates in mandate-library/custom/:

mandate-library/custom/no-legacy-api.yaml

id: custom_no_legacy_api
name: No Legacy API calls
version: 1.0.0
category: architecture
severity: blocking
applies_to:
  - builder
  - reviewer

rules:
  - id: no-v1-endpoints
    description: Do not call the deprecated v1 API.
    check: regex-match
    pattern: "/api/v1/"
    file_pattern: "src/**/*.ts"
    action: block
    message: "Found call to deprecated /api/v1/ endpoint. Use /api/v2/ instead."

Global Mandates

Full YAML for all 50 global mandates. Browse →

Vertical Pack Mandates

Additional mandates activated by vertical packs. Browse →