The discipline your AI agents won't drift from.
AI coding agents drift, and every repo is different. Keystone is charter engineering at the repository level: you author one versioned charter — the standards that constrain your agents — and it projects to whatever harness runs the model. Same rules, every agent, per repo.
Coding agents drift — they lose the thread, ignore conventions, and reinvent what the codebase already decided. And every repository is unique: its stack, its idioms, its hard rules. Teams have had no per-repo, harness-agnostic way to encode the discipline that agents actually follow — so the same corrections get re-typed into every session, every host, every clone.
Extensible by design
It's a framework, not a fixed tool. Define your own signals (framework events), author custom tools and adapters, add host targets, extend every primitive. The charter grows with your project.
Shared project standards
One source of truth for every agent — not a pile of
conflicting per-agent folders (.claude/,
.cursor/, AGENTS.md, .continue/…).
Author the charter once; Keystone projects it to every host, natively.
Rich policy system
Ship org and team rules as vendored policies —
version-pinned, hash-verified, drift-reset. They cascade:
project wins by default, nested policies refine, strict
items lock absolutely. Governance that agents actually follow.
You author a charter — guides, sensors, signals, and
policies — as structured, primitive-typed markdown living at
.charter/, with one canonical CHARTER.md
entrypoint. Keystone keeps it indexed and healthy, then
projects it to every host's native paths.
Whatever harness runs the model reads it and stays on-rails. A harness is the engine that runs the model — Claude Code, Cursor, Codex, opencode, an orchestrator. Keystone is not a harness; it manages the charter the harness obeys. You author the charter; the harness you run consumes and applies it.
Write the charter
Guides (glob-scoped rules), sensors (checks + gates), signals (events), policies (pinned org rules) — plain markdown at .charter/.
Ship it to every host
keystone project renders to .claude/, .cursor/, AGENTS.md, and more from one canonical source.
Agents read & obey
Any agent reads .charter/INDEX.json and opens bodies on demand — reliable, quality output, per repo.
One versioned source of truth
Harness-agnostic & team-scalable
keystone verify.strict items lock absolutely.The charter holds 13 primitive kinds. A few carry most of the weight — the reference covers them all.
Guides & sensors
Glob-scoped rules that activate on the files you touch; checks and agent reviews that gate the work. Corpus carries the why, loaded on demand.
Extensible events
Host phases are a closed set; any other on: value is a signal. Sensors, tools, and agents self-subscribe. keystone signal fire.
Coverage & conformance
keystone charter coverage finds files no guide governs; conformance scores the repo against its charter.
Policies, pinned
Org and team rules ship as vendored policies — version-pinned, hash-verified, drift-reset. Project layer always wins by default.
MCP + dashboard
An MCP server dispatches the charter to host agents; a localhost dashboard at :4773 gives metrics, insights, prune, and eval runs.
Every host, natively
One canonical .charter/ renders to .claude/, .cursor/, AGENTS.md — thin pointers back to CHARTER.md.
Install & scaffold
One Homebrew tap, one init. Minimum-friction: a single question (your agent target), or zero with --agent.
$ brew install tacoda/tap/keystone # or grab a release binary $ keystone init # writes .charter/ + agent menu $ keystone index # emits .charter/INDEX.json $ keystone mcp install --agent claude-code # one-line agent wiring $ keystone web serve # optional: open the dashboard