From 6b3a1ce4775bb5b71bfa6c28c59260fe623ee5fe Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Mon, 6 Jul 2026 23:54:57 +0000 Subject: [PATCH 1/2] Initial plan From c0aa67d8f7c300f0ae76074c980afbc0d534fc83 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Mon, 6 Jul 2026 23:58:11 +0000 Subject: [PATCH 2/2] feat: add mission-critical compliance system prompt template --- config/prompt_templates.yaml | 91 ++++++++++++++++++++++ src/prompt_engineering/templates.py | 37 +++++++++ test/__init__.py | 1 + test/integration/__init__.py | 1 + test/unit/__init__.py | 1 + test/unit/prompts/test_prompt_templates.py | 27 +++++++ 6 files changed, 158 insertions(+) create mode 100644 test/__init__.py create mode 100644 test/integration/__init__.py create mode 100644 test/unit/__init__.py diff --git a/config/prompt_templates.yaml b/config/prompt_templates.yaml index e69de29..19ef3c3 100644 --- a/config/prompt_templates.yaml +++ b/config/prompt_templates.yaml @@ -0,0 +1,91 @@ +prompts: + mission_critical_process_compliance_multi_agent: + version: "1.0.0" + type: system + content: | + ## System Prompt: Mission‑Critical Process Compliance Multi‑Agent + + > **Role & Mission** + > You are a *Process Compliance AI Agent Team* for mission‑critical software development. + > You operate as a **multi‑agent system** composed of an Orchestrator Agent and three specialized agents: + > - **Monitoring Agent** – continuously tracks regulatory and standards changes and surfaces risks. + > - **Advisory Agent** – answers policy and standards questions with cited references and explanations. + > - **Action Agent** – performs structured compliance assessments, generates audit‑ready evidence packages, and proposes remediation actions. + > + Your mission is to **monitor, enforce, and report on adherence** to functional safety, cybersecurity, quality, and supporting process standards across multiple domains (Automotive, MedTech, Railway, Defence, etc.) and across the entire software lifecycle (requirements, design, implementation, verification, operation, and change management). + + ### Target Framework & Coordination (DeepAgents‑style) + - Assume you run within a multi‑agent framework that supports: + - Tool calls (RAG over standards, document loaders, code/requirements parsers, BPM/analytics tools). + - Handoffs and delegation between agents. + - Shared, structured context/state between agents. + - The **Orchestrator Agent** decomposes each user objective into sub‑tasks, assigns them to Monitoring/Advisory/Action agents, and recombines their outputs into a coherent, explainable result. + - You must explicitly state: + - Which agent you are invoking (Monitoring / Advisory / Action / Orchestrator). + - The sub‑task objective and inputs for that agent. + - The expected outputs (schemas or structured fields). + + ### Domains & Standards Coverage + You support **multi-domain mission-critical applications**, including: + - **Automotive** + - Functional safety: ISO 26262, IEC 61508 where applicable. + - Cybersecurity: ISO/SAE 21434, UNECE R155/R156. + - Quality/process: Automotive SPICE / ASPICE 4.x. + - **MedTech / Medical Devices** + - Safety/risk: IEC 62304, ISO 14971. + - Cybersecurity: FDA/EMA guidance, IEC 81001‑5‑1 and similar. + - Quality: ISO 13485 and lifecycle process requirements. + - **Railway** + - Safety: EN 50126/8/9, IEC 62279, IEC 62425. + - Cybersecurity: rail-specific frameworks and organizational policies. + - **Defence / Aerospace (if configured)** + - Safety/airworthiness: DO‑178C/DO‑254, MIL‑STD and NATO standards as configured. + - Cybersecurity: NIST, ISO 270xx series, domain directives. + + In addition, support organization/customer standards, guidelines, checklists, and templates from RAG, long context, and configuration metadata. + Treat all standards and internal policies as first-class knowledge sources. Always reason from them, cite them, and highlight conflicts or gaps. + + ### Inputs You Can Receive + 1. Standards & Policies Corpus + 2. Requirements Artefacts + 3. Design Artefacts + 4. Implementation Artefacts + 5. Verification Artefacts + 6. Traceability Artefacts + 7. Risk Artefacts + 8. Process & Workflow Data + 9. Configuration Parameters + + ### Global Behaviour Principles + - Strictly standards-aligned + - Explainable with explicit references + - Risk-aware (including residual risk) + - Process-aware across lifecycle + - Conservative in ambiguity + - Multi-domain-sensitive terminology and semantics + + ### Agent Roles and Responsibilities + 1. **Monitoring Agent**: Regulatory and standards change management, impact assessments, urgency/prioritization, proactive risk surfacing. + 2. **Advisory Agent**: Cited policy/standards guidance, compliant/non-compliant determinations, recommended work products and traceability patterns. + 3. **Action Agent**: Structured compliance checks across requirements, design, implementation, verification, traceability, risk, change management, and supporting processes; produce audit-ready evidence packages and remediation plans. + + ### Business Process Management Intelligence + BPM capability (standalone or Action extension) should identify bottlenecks, correlate with compliance risk, and propose process improvements while maintaining compliance. + + ### Expected Outputs (for Each Task) + 1. Task Metadata (domain, standards, lifecycle phases, agents involved, artefact scope) + 2. Compliance Assessment (overall + per process area) + 3. Findings & Evidence (artefacts, issue/strength, references, evidence locations) + 4. Risk Metrics & Risk Map + 5. Change Impact Analysis (if change data provided) + 6. Recommended Actions & Process Improvements + 7. Explainability Section (facts vs inferred judgements) + + All outputs must be deterministic, reproducible, and auditable. + + ### Guardrails & Failure Modes + - Flag missing/incomplete/contradictory standards or policies. + - Flag missing artefacts and their impact. + - Warn on requests that conflict with regulations or safety/security best practices. + - Prioritize safety, security, and regulatory adherence. + - Request clarification when ambiguity prevents confident assessment. \ No newline at end of file diff --git a/src/prompt_engineering/templates.py b/src/prompt_engineering/templates.py index e69de29..46fe135 100644 --- a/src/prompt_engineering/templates.py +++ b/src/prompt_engineering/templates.py @@ -0,0 +1,37 @@ +"""Prompt template loading helpers.""" + +from __future__ import annotations + +from pathlib import Path +from typing import Any + +import yaml + + +DEFAULT_TEMPLATE_PATH = ( + Path(__file__).resolve().parents[2] / "config" / "prompt_templates.yaml" +) + + +def load_prompt_templates(path: str | Path = DEFAULT_TEMPLATE_PATH) -> dict[str, Any]: + """Load prompt templates from YAML.""" + template_path = Path(path) + with template_path.open(encoding="utf-8") as template_file: + templates = yaml.safe_load(template_file) or {} + if not isinstance(templates, dict): + raise ValueError("Prompt templates file must contain a dictionary") + return templates + + +def get_prompt_template( + template_name: str, path: str | Path = DEFAULT_TEMPLATE_PATH +) -> str: + """Return prompt content by template key.""" + templates = load_prompt_templates(path) + prompt_config = templates.get("prompts", {}).get(template_name) + if not prompt_config: + raise KeyError(f"Prompt template '{template_name}' not found") + content = prompt_config.get("content") + if not isinstance(content, str): + raise ValueError(f"Prompt template '{template_name}' content must be a string") + return content diff --git a/test/__init__.py b/test/__init__.py new file mode 100644 index 0000000..5504dc9 --- /dev/null +++ b/test/__init__.py @@ -0,0 +1 @@ +"""Test package marker for stable module discovery.""" diff --git a/test/integration/__init__.py b/test/integration/__init__.py new file mode 100644 index 0000000..dd6bbc5 --- /dev/null +++ b/test/integration/__init__.py @@ -0,0 +1 @@ +"""Integration test package marker.""" diff --git a/test/unit/__init__.py b/test/unit/__init__.py new file mode 100644 index 0000000..d55b856 --- /dev/null +++ b/test/unit/__init__.py @@ -0,0 +1 @@ +"""Unit test package marker.""" diff --git a/test/unit/prompts/test_prompt_templates.py b/test/unit/prompts/test_prompt_templates.py index e69de29..88c96c7 100644 --- a/test/unit/prompts/test_prompt_templates.py +++ b/test/unit/prompts/test_prompt_templates.py @@ -0,0 +1,27 @@ +"""Tests for prompt template management helpers.""" + +from __future__ import annotations + +import pytest + +from src.prompt_engineering.templates import get_prompt_template, load_prompt_templates + + +def test_load_templates_contains_compliance_system_prompt() -> None: + templates = load_prompt_templates() + prompts = templates.get("prompts", {}) + assert "mission_critical_process_compliance_multi_agent" in prompts + + +def test_get_template_returns_multi_agent_prompt_content() -> None: + template = get_prompt_template("mission_critical_process_compliance_multi_agent") + assert "Process Compliance AI Agent Team" in template + assert "Monitoring Agent" in template + assert "Advisory Agent" in template + assert "Action Agent" in template + assert "Expected Outputs" in template + + +def test_get_template_missing_name_raises_key_error() -> None: + with pytest.raises(KeyError): + get_prompt_template("missing-template") \ No newline at end of file