Eko Rules Index

Central index for all rules, conventions, and standards in the Eko codebase.

Quick Start: New to Eko? Start with CLAUDE.md for the essential invariants and commands.

Rule Categories

CategorySourceEnforcementOwner
Eko InvariantsCLAUDE.mdAdvisoryarchitect-steward
Eko GTDdocs/rules/eko-gtd.mdAdvisoryarchitect-steward
Doc Conventionsdocs/CONVENTIONS.mdCI (docs:lint)architect-steward
Agent Boundaries.claude/agents/*.mdCI (agents:routing-check)architect-steward
Code Stylebiome.jsonCI (lint)ci-quality-gatekeeper
Error Handlingdocs/rules/error-handling.mdCI (check-error-handling)observability-analyst
Testingdocs/rules/testing.mdAdvisoryci-quality-gatekeeper
Securitydocs/rules/security.mdCI + Pre-commitsecurity-reviewer
Dependenciesdocs/rules/dependencies.mdAdvisoryci-quality-gatekeeper
Stylingdocs/rules/styling.mdAdvisorycard-ux-designer
Challenge Contentdocs/rules/challenge-content.mdGeneration + upload validationfact-engineer
Changelogdocs/rules/changelog.mdPre-commit (advisory)docs-librarian

Eko Invariants

Source: CLAUDE.md Enforcement: Advisory (architect-steward reviews) Owner: architect-steward

These are the non-negotiable constraints that define Eko's product boundary:

IDInvariantDescription
INV-001Fact-firstFacts are the atomic unit; everything flows from structured, schema-validated facts
INV-002Verification before publicationNo fact reaches the public feed without at least one validation tier pass
INV-003Source attributionEvery fact traces back to source articles and validation evidence
INV-004Schema conformanceFact output must validate against fact_record_schemas.fact_keys
INV-005Cost-bounded AIAll AI calls have model routing, budget caps, and cost tracking
INV-006Public feed / gated detailFeed is public; full card detail and interactions require Free/Eko+ subscription
INV-007Topic balanceDaily quotas per topic category prevent content monoculture
INV-008Challenge answer isolationChallenge URLs, shared links, and metadata must never reveal answer content

Tradeoff priority: correctness, auditability, safety, cost control

Eko GTD

Source: docs/rules/eko-gtd.md Enforcement: Advisory Owner: architect-steward

Eko GTD is a structured planning and execution methodology that scales from minute tasks to major builds.

Complexity Tiers

TierDurationTracking
XS Minute< 30 minTODO.md (flat)
QS Quick30 min - 2hTODO.md (flat)
S Small2-4 hoursTODO.md (mini)
M Medium4-6 hoursTODO.md (mini+)
L Large6-10 hoursTODO.md (full)
XL Major10+ hoursTODO.md (full)

Auto-Detection

Claude assesses task complexity automatically:

IDRuleDescription
GTD-001Challenge-BasedRequirements become numbered PASS/FAIL challenges
GTD-002State TrackingFrontmatter enables session-resumable work
GTD-003Wave OrganizationChallenges grouped by dependency order
GTD-004Quality TiersFunctional + quality challenges for A+ grading
GTD-005Agent OwnershipEvery challenge has a single owner agent
GTD-006Scaled StructureFull docs for L/XL, mini for S/M, flat TODO for XS/QS
GTD-007Auto-DetectionComplexity assessed before routing
GTD-009Universal TrackingEvery tier gets a TODO.md for session resumability

Light tracking (XS/QS): Single-file, no schema/API changes, < 2 hours — flat TODO.md Full GTD (S+): Multi-file, schema changes, cross-package, unclear requirements — challenges + waves

Invocation: Use Eko GTD:<Domain> to <task> Domains: Software, Marketing, Content, Video, Ads, Research, Business

Documentation Conventions

Source: docs/CONVENTIONS.md Enforcement: CI (bun run docs:lint) Owner: architect-steward

IDRuleDescription
DOC-001Required front-matterAll docs need: title, status, version, last_updated, scope
DOC-002Status lifecycledraft → stable → deprecated
DOC-003File namingkebab-case.md only
DOC-004Cross-linksRelative paths with .md extension
DOC-005CONTRACT docsArchitecture/product/spec/policy require: related_code, changelog

Agent Boundaries

Source: .claude/agents/README.md Enforcement: CI (bun run agents:routing-check) Owner: architect-steward

IDRuleDescription
AGT-001Single ownershipEach file has exactly one agent owner
AGT-002No overlapsowned_paths must not overlap between agents
AGT-003Escalation protocolMulti-agent work follows handoff sequence
AGT-004Non-goalsAgents explicitly define what they do NOT do

See Agent Quick Lookup for file→agent mapping.

Code Style

Source: biome.json Enforcement: CI (bun run lint) + Pre-commit (lint-staged) Owner: ci-quality-gatekeeper

IDRuleEnforcement
STY-001No unused importsError
STY-002No unused variablesError
STY-003No explicit anyWarning
STY-004Single quotesAuto-fix
STY-005Semicolons as neededAuto-fix
STY-0062-space indentAuto-fix
STY-007100 char line widthAuto-fix

Error Handling

Source: docs/rules/error-handling.md Enforcement: CI (bun run check-error-handling) Owner: observability-analyst

IDRuleDescription
EH-001Structured errorsErrors have code, message, context
EH-002Never swallowCatch blocks must log, rethrow, or return Result
EH-003Worker boundariesWorkers wrap processing in try/catch
EH-004API responsesHTTP errors return { error, code } JSON

Testing

Source: docs/rules/testing.md Enforcement: Advisory Owner: ci-quality-gatekeeper

IDRuleDescription
TST-001ColocationTest files beside source: foo.test.ts
TST-002Namingdescribe('Component') / it('should...')
TST-003FixturesStore in __fixtures__/
TST-004MockingMock external services, not internal logic
TST-005Coveragepackages/shared ≥80%, workers ≥60%, apps ≥40%

Security

Source: docs/rules/security.md Enforcement: CI + Pre-commit (gitleaks) Owner: security-reviewer

IDRuleDescription
SEC-001URL validationSSRF prevention via verifyAndNormalizeUrl()
SEC-002Service roleSERVICE_ROLE_KEY only in workers
SEC-003Secrets in logsNever log API keys, tokens, credentials
SEC-004RLS testingTables with RLS must have security tests
SEC-005Input validationAll user input validated with Zod
SEC-006Challenge URL answer leakChallenge URLs must not reveal answer content

Dependencies

Source: docs/rules/dependencies.md Enforcement: Advisory Owner: ci-quality-gatekeeper

IDRuleDescription
DEP-001Package locationShared deps in root, specific in package
DEP-002Version pinningCaret for most, exact for critical
DEP-003Approval neededReview for >50KB, native, <1k downloads
DEP-004Workspace protocolInternal refs use workspace:*

Styling

Source: docs/rules/styling.md Enforcement: Advisory Owner: card-ux-designer

IDRuleDescription
STY-101Inline padding overridesUse inline style for padding when overriding base input styles
STY-102Prefer InputGroupUse InputGroup pattern for inputs with icons/addons
STY-103CSS layer awarenessTailwind v4 utilities are in @layer utilities, unlayered CSS wins

Key Gotcha: In Tailwind v4, utility classes like pl-11 are in @layer utilities. Our components.css is unlayered, so base styles override utilities. Use inline style props when you need to override base padding.

Challenge Content

Source: docs/rules/challenge-content.md Enforcement: Generation + upload validation (validateChallengeContent()) Owner: fact-engineer

IDRuleDescription
CC-001Minimum style coverageEvery published fact needs challenge content for >= 3 styles
CC-002Five-field structureAll styles require setup_text, challenge_text, reveal_correct, reveal_wrong, correct_answer
CQ-001–CQ-008Content qualityField length, voice, banned patterns, plausibility checks
CQ-009–CQ-013Style data validationPer-style structure requirements for fill_the_gap, direct_question, statement_blank, reverse_lookup, free_text

See challenge-content.md for full rule details and examples.

Changelog

Source: docs/rules/changelog.md Enforcement: Pre-commit (advisory) + CI (changelog:check) Owner: docs-librarian

IDRuleDescription
CHG-001Update on commitCommits changing functionality must update the current month's changelog (docs/changelog/MM-YYYY.md)
CHG-002Category matchingEntries must use correct category (Features, Bug Fixes, etc.)
CHG-003Scope prefixEntries should include scope in bold (e.g., Admin Dashboard:)
CHG-004Date groupingNew entries go under today's date section
CHG-005Imperative moodUse imperative verbs (Add, Fix, Update, Remove, Refactor)

What requires entry: Features, bug fixes, breaking changes, security fixes, performance improvements, user-visible refactoring.

What doesn't: Internal refactoring, test-only changes, dev tooling, comment fixes.

Enforcement Levels

LevelMeaningFailure Behavior
CIAutomated check in CI pipelineBlocks merge
Pre-commitChecked before commitBlocks commit
AdvisoryDocumented expectationNo automated block

Validation Commands

# Run all rules validation
bun run rules:check

# Individual checks
bun run docs:lint              # Documentation conventions
bun run agents:routing-check   # Agent boundaries
bun run lint                   # Code style
bun run typecheck              # Type safety
bun run check-error-handling   # Error handling patterns
bun run check-invariants       # Invariant violation detection (advisory)

Adding New Rules

  1. Determine rule category and owner agent
  2. Add rule to appropriate docs/rules/*.md file
  3. Assign rule ID following pattern: {CATEGORY}-{NUMBER}
  4. Update this index table
  5. If enforcement needed, add to CI or pre-commit hooks
  6. Run bun run rules:check to validate

Rules Ownership by Agent

AgentOwned Rule Categories
architect-stewardEko Invariants, Doc Conventions, Agent Boundaries
ci-quality-gatekeeperCode Style, Testing, Dependencies
docs-librarianChangelog
observability-analystError Handling
security-reviewerSecurity
card-ux-designerStyling
fact-engineerChallenge Content

See Agent System for full agent documentation.