Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/davidbuenov/dbv-specs-ops/llms.txt

Use this file to discover all available pages before exploring further.

ARCHITECTURE.md is the technical blueprint of the project. It documents the stack, directory layout, key decisions, and — critically — the Agent Harness: the configuration that defines how the AI operates within the project’s boundaries. This file is the product of the /plan phase and must reflect the current state of the system at all times.
ARCHITECTURE.md documents what the system is today, not what you plan it to be someday. Writing aspirational architecture here confuses the AI, which reads this file as ground truth. Log future improvements in task.md as Technical Debt instead.

Document Header

# 🏗 Technical Architecture: [Project Name]

> **Phase:** `/plan` (Technical Planning)
> **Status:** Draft / Validated
> **Last Revision:** [Date]

Section Reference

1. Tech Stack Table

Purpose: Provide a single-glance view of every technology layer and the reasoning behind each choice. Justifications are required — they give the AI (and future engineers) the context needed to make consistent decisions within the chosen constraints.
LayerTechnologyJustification
Languagee.g., TypeScript 5.xe.g., Static typing, mature ecosystem
Main Frameworke.g., Fastify / Reacte.g., High performance / SPA without SSR complexity
Persistencee.g., SQLite / PostgreSQLe.g., No infrastructure for MVP / production-ready
Authe.g., JWT + bcrypte.g., Stateless, easy to scale
Testinge.g., Vitest / Pyteste.g., Fast, ESM-compatible
CI/CDe.g., GitHub Actionse.g., Integrated with the repository
Every choice in this table is a constraint the AI respects during /build. If a change is needed, it must be documented as a Technical Decision in memory.md and approved before the AI proceeds.

2. Directory Structure

Purpose: Define the canonical layout that all generated files must follow. This prevents the AI from placing files in ad-hoc locations across sessions.
/
├── src/
│   ├── domain/          # Pure business logic (no external dependencies)
│   ├── application/     # Use cases and orchestration
│   ├── infrastructure/  # DB, external APIs, third-party services
│   └── interfaces/      # HTTP controllers, CLI, WebSocket
├── tests/
│   ├── unit/
│   └── integration/
├── docs/                # Project documentation (this directory)
└── [config files]       # tsconfig, .env.example, etc.
For small projects, a single flat src/ folder is sufficient. Adapt this structure to the actual project size — over-engineering the directory layout for a small tool adds friction without benefit.

3. Key Technical Decisions

Purpose: Document the non-obvious choices that shape how the system is built. These entries act as lightweight Architecture Decision Records (ADRs) embedded in the architecture file itself.

Security

DecisionExample value
AuthenticationJWT with 1-hour expiration + refresh token in httpOnly cookie
AuthorizationRBAC — roles defined in the database
Sensitive dataEnvironment variables via .env; never hardcoded in source

Code Style

DecisionExample value
ParadigmFunctional-first / Object-oriented
ConventionsSee reference repo in MASTER_PROMPT.md
Max function complexity20 lines / cyclomatic complexity < 5

State Management

Document where state lives and how it flows through the system. Example:
Server state in the database; UI state in React Context (no Redux until scale demands it).

4. External Integrations Table

Purpose: Track every external service the project depends on, including rate limits and operational notes. The AI uses this table during /plan to flag integration risks.
ServicePurposeNotes / Limits
Stripe APIPaymentsRate limit: 100 req/s
SendGridTransactional emailFree tier: 100 emails/day

5. Constraints & Technical Risks

Purpose: Document the hard boundaries the implementation must stay within, and the risks that have been identified but accepted or mitigated.
- **Constraint:** Deployment target is a 1 GB RAM VPS — optimize memory footprint.
- **Risk:** Third-party API dependency with no guaranteed SLA.
  - **Mitigation:** Circuit breaker + 5-minute local cache.

6. Agent Harness

The Agent Harness is the most important section of ARCHITECTURE.md for AI-assisted development. It defines the complete infrastructure, context, tools, and constraints under which the AI agent operates. A well-configured harness produces safer, more consistent, and more autonomous AI behavior.
The AI is explicitly instructed to respect the harness configuration documented here. Any deviation — adding a new MCP server, changing sandboxing, or modifying guardrails — must be logged as a Technical Decision in memory.md and approved by the developer before proceeding.

6.1 Context Management (Static vs. Dynamic/Skills)

This sub-section defines what context the AI loads at startup versus what it retrieves on demand.
TypeDescription
Static ContextGlobal rule files and memory loaded at every session start. Examples: CLAUDE.md, GEMINI.md, memory.md. These are always in the AI’s context window.
Dynamic Context / SkillsSkill modules in skills/ or RAG pipelines loaded on demand by the agent. These are retrieved only when the relevant task requires them, keeping the baseline context window lean.

6.2 Tools & MCP (Model Context Protocol)

This sub-section declares the MCP servers the agent is authorized to use and where their configuration lives.
FieldExample
Required MCP Serversfilesystem, sqlite (structured data access), github (PR management)
Purposee.g., Direct connection to staging database for context queries
Configuration Files.claude/settings.json, .windsurfrules, or equivalent

6.3 Execution Environment (Sandboxing)

This sub-section defines the isolation boundaries within which the AI runs code.
### 3. Execution Environment (Sandboxing)
- **Isolation:** [Define the sandbox. E.g., Local Docker container, VM,
  or local virtual environment (venv).]
- **Execution Limits:** [Token cost limits, timeout thresholds, or maximum
  iteration count for async commands.]
Python projects: MASTER_PROMPT.md mandates that Python projects always use a local venv/. The harness should document this explicitly and ensure venv/ is in .gitignore.

6.4 Deterministic Security Guardrails

This sub-section defines the automated checks that run deterministically — independently of the AI — to catch security issues that a generative model might introduce.
GuardrailPurpose
LintersEnforce code style and catch common errors at pre-commit time
Pre-commit hooks with gitleaksScan for secrets (API keys, passwords, tokens) before they enter git history
SAST toolsStatic Application Security Testing to catch vulnerability patterns
Commit/push policiesBlock commits containing strings that resemble API keys or passwords
The goal of this layer is to create a safety net that does not depend on the AI’s own judgment — deterministic tools catch what probabilistic models miss.

6.5 External Agent Interface (Agent Readiness)

This sub-section is only required when Agent Readiness (Web): Yes is set in project.config.md. It documents the architecture for external agent discoverability.
FieldWhat to document
AutodiscoveryHow AI resources are exposed — e.g., HTTP Link headers injected by the web server pointing to agent cards and API catalog
Protocols & CardsLocation of agent.json and mcp.json in .well-known/. Support for the Model Context Protocol (MCP) and WebMCP on the client side
Content FormatContext optimization policies: dynamic Markdown negotiation for Accept: text/markdown headers and the structure of agent-skills/

Closing Instruction

The final line of ARCHITECTURE.md carries a binding instruction:
**AI Instruction:** Respect the decisions and harness configurations documented
here. If you need to deviate for a technical reason or want to suggest a new
MCP tool or Skill for the project, log it as a "Technical Decision" in
`memory.md` and obtain developer approval.

Build docs developers (and LLMs) love