P.A.C.T. — Prompt · AI · Code · Truth

Code executes. AI creates.

The governance contract between humans and AI agents — four principles that keep deterministic logic in code and creative tasks in AI.

4 IDEs · 9 agents · Plan-Act-Check-Done lifecycle · TDD by default

$pip install pactkit

Get Started GitHub

v2.9.03,286 testsMIT License

$/project-sprint "Add OAuth2 login"

PlanScanning codebase... 47 modules

PlanSpec: docs/specs/STORY-042.md

PlanBoard: 4 tasks added

ActTests: 8 cases written (RED)

ActImplement: all pass (GREEN)

ActLint: 0 errors

CheckSEC-1..SEC-8: all PASS

CheckACs: 4/4 verified

DoneRegression: 2307 tests passed

Donefeat(auth): STORY-042 add OAuth2 login

Why PactKit

The P.A.C.T. that governs your AI.

AI coding assistants are powerful but unpredictable. PactKit enforces a governance contract — clear boundaries between what code does, what data proves, and what AI creates.

Governance

Four principles. Zero ambiguity.

P.A.C.T. draws the boundary between human intent and AI execution. Deterministic operations run as code, not prompts. Decisions are grounded in data, not memory. AI handles creativity — code handles everything else.

# The P.A.C.T. Contract
P  Prompt  is ONLY instruction   → defines process, never state
A  AI      is ONLY creativity    → language and format, never logic
C  Code    is the Law            → sole executor of deterministic ops
T  Truth   Data is the Truth     → no memory, no inference, no fabrication

# Script exists? Use it. Never reimplement in prompts.
# Data available? Read it. Never guess from memory.

Architecture

9 agents. Constrained tools. Zero overlap.

Each PDCA phase is owned by a dedicated agent that can only use the tools it needs. The architect can't write code. The developer can't modify specs. The QA engineer can't commit.

Agent             Phase   Can                Cannot
─────────────────────────────────────────────────────
System Architect  Plan    Write specs        Write code
Senior Developer  Act     Write code+tests   Modify specs
QA Engineer       Check   Run tests          Modify code
Repo Maintainer   Done    Commit, archive    Write features
Security Auditor  Check   Read + report      Modify anything

Safety

Pre-existing tests are untouchable.

The TDD loop only iterates on tests created in the current story. If a pre-existing test fails, the agent stops and reports — it never silently modifies your safety net.

# TDD Loop (current story only)
1. Write tests          → RED
2. Implement            → GREEN  
3. Pre-existing fails?  → STOP. Report.

# Done Gate
$ pytest tests/ -v
2307 passed, 0 failed
✓ Regression gate: PASS
✓ feat(auth): STORY-042 add OAuth2 login

Performance

62% fewer tokens per turn.

v2.1.1 introduced lazy rule loading for OpenCode. Only 3 core rules load every turn. The other 6 are referenced but only read when the current task needs them.

# Always loaded (opencode.json instructions):
rules/01-core-protocol.md
rules/02-hierarchy-of-truth.md  
rules/09-credential-safety.md

# On-demand (@reference in AGENTS.md):
rules/03-file-atlas.md          # ← read when needed
rules/04-routing-table.md       # ← read when needed
rules/05-workflow-conventions.md # ← read when needed
...3 more

# Result: 7,200 → 2,800 tokens/turn

How it works

Four phases. Four agents. One command.

Or run /project-sprint to execute all four phases automatically.

1Plan

/project-plan

Architect scans codebase, writes Spec, updates Sprint Board.

2Act

/project-act

Developer writes tests first (RED), then implements (GREEN).

3Check

/project-check

QA runs 8-item security checklist + spec alignment audit.

4Done

/project-done

Maintainer gates regression, archives story, commits.

Learn the workflow All 11 commands + 10 skills