Methodology

What "AI Constitution" means

An AI Constitution is a small set of authored rules — three to five files of prose — that govern how AI tools behave inside one person's working environment. The four-file shape is:

• Constitution.md — governance meta-rules (file inheritance, override protocol, audit conventions, amendment process).
• Common.md — universal operating rules that apply to every task.
• Code.md — code, code+documentation, websites, engineering practices.
• Writing.md — theology, philosophy, articles, science writing, worldbuilding, fiction, non-fiction.

What this product adds

The prose stack is good for one expert author who already knows what rules they want. It is impassable for anyone else: there is no on-ramp, no maintenance loop, no portable identity, no way to recover the system on a new machine without an act of memory.

ai turns the prose stack into a product:

1. Onboarding. ai setup launches a guided interview that produces a personalized Constitution.md without the assistant fabricating rules.
2. Maintenance. ai review watches ~/.ai/memory/ for patterns and proposes amendments back into the four files. You approve. You don't scribe.
3. Portability. ai sync + ai restore move the whole tree — memories, audit records, hook topology, symlink wiring — to and from a user-owned remote. One command for a fresh laptop.
4. Self-repair. ai doctor fixes broken symlinks, missing hooks, dirty trees, divergent HEAD, stale binary. No conversation needed.
5. Atoms. Personas, profiles, skills, brand identity — versioned, immutable, content-hashed. Drift becomes structurally impossible.
6. Cross-tool enforcement. The command-wrapper facade makes the same hooks fire whether Claude Code, Copilot CLI, Cursor, or a human shell session ran the command.

What it explicitly is not

• Not a multi-tenant SaaS. Each user's ~/.ai/ is theirs.
• Not a replacement for the prose files. They remain authoritative.
• Not a model wrapper. This is the configuration plane around whatever agent you already run.
• Not a secrets store. Secrets live in OS keychains, vaults, or env files.

Honest about defense-in-depth

The command-wrapper facade is a defense-in-depth measure, not a security control. A bypass via absolute path (/usr/bin/git) or PATH override is always possible. The wrapper's value is catching the common case and producing an audit signal where one would normally appear — so a missing audit line is itself visible. We say this in the wrapper's first-run message because honesty about what a guardrail can't do is part of what makes the rest of the system trustworthy.

Read the spec for the full implementation surface.