code-warden

install

source · Clone the upstream repo

git clone https://github.com/Kodaxadev/Code-Warden

Claude Code · Install into ~/.claude/skills/

T=$(mktemp -d) && git clone --depth=1 https://github.com/Kodaxadev/Code-Warden "$T" && mkdir -p ~/.claude/skills && cp -r "$T/code-warden" ~/.claude/skills/kodaxadev-code-warden-code-warden && rm -rf "$T"

manifest: code-warden/SKILL.md

source content

code-warden v2.3.0

Production-grade AI development governance skill. Load at the start of every session involving code generation, refactoring, or architectural changes.

Session Start — HARD GATE

Do not ask implementation questions. Do not gather requirements. Do not proceed past this block until all three outputs are produced and confirmed by the user.

Before responding, execute

node ~/.claude/skills/code-warden/tools/get-context.js

if you lack architectural context.

Output this block verbatim as your FIRST response before anything else:

ARCHITECTURE STATE (Re-injection Rule)

[Paste the context found by

get-context.js

or provided by user. If none found, write:]

⚠️ No architecture doc found — applying Re-injection Fallback:

Last known files: [list any files mentioned in this session]

Current data flow: [unknown — user must provide before proceeding]

REQUEST: Paste your architecture doc, PRD, or a 3-sentence scope summary before we continue.

SESSION SCOPE (Session Scoping Rule)

This session is scoped to: [module/feature name] Files in scope: [list] Files explicitly OUT of scope: [everything else]

[If scope is unknown, write:]

⚠️ Scope undefined — user must confirm before proceeding.

REFERENCE FILES LOADED (Blueprint Rule)

For this task, loading: [list relevant references/ files] Status: [✅ found | ⚠️ missing from install — rules enforced from prompt]

Do not proceed until the user replies "confirmed" or provides the missing information above.

Quick Rules

Max file size: Enforced by
```
warden-lint.js
```
(default 400 lines) - split into modules at the limit.
Editing mode: Patch/diff first — no full rewrites without blast radius check.
Feedback mode: Adversarial — correctness over comfort, push back on weak logic.
Secrets: Zero-trust — Enforced by
```
verify-secrets.js
```
. No hardcoded keys.
Uncertainty: Say so — never guess niche syntax or stale API behavior.
Concerns: One responsibility per file — support human auditing.

Reference Files

Load these when relevant to the current task:

Architecture decisions, Blueprint Rule, Re-injection → references/architecture.md
Blast Radius, Patch-First, Zero-Trust, Dependency Freeze → references/safety.md
Think Before Coding, Don't Guess Syntax, Human Checkpoint → references/cognition.md
Tech Debt flag format, Test Contract, Decision Log → references/cleanup.md
Anchor Check, Session Scoping, Drift Trigger → references/anti-drift.md

Drift Signals — Hard Stop

Stop and re-anchor immediately if any of these appear:

Signal	Action
Guessed library syntax without searching docs	Search live docs, correct output
Unexplained contiguous block > limit	Run `warden-lint.js` , split if needed
Skipped Blast Radius Check before a rewrite	Run check before proceeding
No `[AWAITING CONFIRMATION]` before >2-file change	Pause and request confirmation
Monolithic file output without module split	Refactor into separated concerns

All limits and thresholds are defined in

codewarden.json