fastpace

Threat model

The lethal trifecta — and the three primitives that break it.

Every successful AI-coding-agent attack so far (EchoLeak, prompt-injection via untrusted web fetches, exfil-via-tool-call) combines the same three legs: private data access + untrusted content + an exfiltration channel. Break any one and the attack collapses. fastpace ships a deterministic Layer-1 primitive for each.

1 Private data access

Prompt redactor (F0.5) strips secrets, PII, and sensitivity-tagged context before the prompt leaves the box. Hash-only manifests — no plaintext on disk.

hooks.prompt_redactor: { sensitivity: restricted-blocked }

2 Untrusted content

Agent identity & scope manifest (F0.4) enforces allowed-paths + allowed-command-patterns at the PreToolUse hook. An agent that fetched untrusted content can't act outside its scope — even if the prompt told it to.

agent.identity.yaml: { allowed_paths: ["src/**"] }

3 Exfiltration channel

Approved-runtime registry (F1.11) + runtime-guard hook block calls to non-allowlisted endpoints at exit code 2. Every outbound call is signed into the F0.2 audit chain — exfil leaves a forensic trail or doesn't happen.

runtimes.allowed: [bedrock-claude-opus-4.7]

EchoLeak (Microsoft 365 Copilot zero-click prompt-injection) is the cited recent example — see the full breakdown on /compliance →

Context depth

Better domain context → better code

Every artifact you add to the repo gives the AI runtime better understanding. Code quality compounds as context layers up — and it all lives in git. Each tier produces stronger audit evidence too: by L5, every decision has a reviewable rationale on file.

Code quality →

Expert High Fair Low

L1 · code only

L2 · + architecture

L3 · + PRD / ERD

L4 · + execution plan

L5 · + ADRs & learnings

code only

+ architecture

+ PRD / ERD

+ execution plan

+ ADRs & learnings

Context depth →

Tier

Context added

What the AI can reason about

L1

Code only

AI ignores business intent, conventions, and history.

L2

+ architecture & patterns

AI follows conventions, but lacks business-domain awareness.

L3

+ PRD / ERD

AI respects acceptance criteria and interface contracts. ↳ ISO/IEC 42001 §8.4 evidence on file

L4

+ execution plan

AI respects phase boundaries and dependency ordering. ↳ phase boundaries = approval checkpoints · EU AI Act Art. 14

L5

+ ADRs & learnings

Complete institutional awareness. AI avoids repeating past mistakes. ↳ ADRs = SOC 2 CC8.1 + NIST AI RMF GOVERN-3.2 evidence

Measure & improve

Track and improve repo quality

Six dimensions, one grade. Each fix maps to a skill that closes the gap.

In Claude Code

/fp-context-score alias: /fp-repo-quality

Top-3 ranked fixes, each tied to a skill. Read-only.

In your terminal

fastpace context-score alias: fastpace repo-quality

Deterministic, no LLM call. Drop into CI.

--explain --json --debug

$ fastpace repo-quality

⚡ fastpace repo quality · grade B (74)

  ✓ doc inventory          88   A   (7/9 files present, glossary thin)
  ✓ why-density            71   B   (18% of comments explain why; target 25%)
  ! decision links         42   D   (0.4 refs/kLOC — sparse)
  ✓ docstring richness     79   B   (61/77 exports rich)
  ! vocabulary             55   C   (11/20 top terms in glossary)
  ✓ freshness              92   A

  weighted total: 74 / 100  ·  grade B

top-3 fixes (impact / effort)
  1 ▸ +6 pts · /fp-teach glossary             — define 9 missing top-terms (~20 min)
  2 ▸ +5 pts · /fp-write-adr                  — capture 3 large untracked calls (~45 min)
  3 ▸ +3 pts · docstring sweep                  — src/billing/ · 9 of 11 exports bare (~30 min)

Shared surface

One surface for product, eng, and compliance

No more shuffling artifacts between Confluence, Jira, Slack, slide decks, GRC tools, and audit binders. Every team — from product to compliance — works against the same git-backed source of truth. Committable, reviewable, audit-ready.

Product

Write PRDs, not tickets

Architects

Approve ERDs and ADRs

Developers

Ship features with guardrails

Leaders

See reality, not slideware

DevOps

Codify deploys, runbooks, alerts

Security

Review every decision

Risk

Track exposure, mitigations

Compliance

Audit-ready by default

Your repo

git · audit-ready

What you actually deploy

Five surfaces. Different audiences. One audit chain.

A customer install is more than a CLI. Each portal answers a different buyer's question and runs in a different trust boundary. The signed audit chain is the invariant connecting them.

$

Interactive sandbox

Anyone curious

WhereIn your browser · no install

Real terminal emulator. Type fastpace commands, see live-shape output. 60-second test-drive.

Try the sandbox →

⌘

Local UI

Each developer + auditor

WhereDeveloper laptop · 127.0.0.1:7777

Per-install dashboard. 56 views across identity, audit chain, manifests, agents, exceptions, ROI, maturity. Live SSE updates.

Click through the local UI →

◐

Org dashboard

Security + IT in production

WhereSelf-hosted in your VPC

Standalone Node server. Ingests signed audit summaries from every install, rolls up by repo / team / org. Never sees plaintext code.

Take the org-dashboard tour →

🛡

Trust portal

Pre-sale CISO + procurement

Wheretrust.fastpace.net · consent-gated

Buyer-facing posture page per customer. Attestations, sub-processors, threat model, evidence-request flow. Opt-in publication.

Take the trust-portal tour →

📖

Docs site

Operators + auditors

Wheredocs.fastpace.net

14 reference pages: CLI, primitives, audit schema, hooks, framework mapping, threat model, runbooks. Single-source-of-truth markdown.

Open the docs ↗

Trust boundaries: fastpace-hosted public + consent-gated your VPC self-hosted, your data plane developer laptop local only · code never leaves

By role

Closer to the code, whichever team you're on

Whichever team you're on, the repo is your surface. Tab between Product and DevOps / SRE deep-dives below — and see the dedicated Security & Compliance section further down for the GRC angle.

For product managers

Product, closer to the code

Stop guessing. Stop pinging engineers for context. Stop writing PRDs in a vacuum. fastpace gives product folks direct, terminal-grade access to the same truth engineers see — no special tools, no permission slips, no waiting.

Research without paging eng

/fp-ask

Slacking three engineers to find out how something works today.

example

$/fp-ask "how does our checkout retry logic work today?"› checked fastpace/context/architecture.md› checked fastpace/context/decisions.md Retries live in `processWithRetry()` (src/checkout/retry.js).3 attempts, exponential backoff (1s · 2s · 4s).Decision 2025-02-14: don't retry on 4xx errors. sources: retry.js  ·  decisions.md:L42

Self-serve answers in seconds — with citations.

Write PRDs grounded in what exists

/fp-write-prd

PRDs that assume capabilities the codebase doesn't have — then bounce on review.

example

$/fp-write-prd partial-refunds› cross-referencing existing payments code› checking decisions.md for refund precedents Q: who hurts today?A: support agents — manual refunds take 8 minQ: success metric?A: 80% of partial refunds self-serve ✓ wrote fastpace/docs/prd/partial-refunds.md! flagged 2 conflicts with the existing capture flow

Eng signs off on the first review — no architectural rewrites.

Trace any decision in seconds

fastpace why

"Why does the cart timeout after 15 minutes?" — answer buried in someone's head.

example

$fastpace why src/cart/session.js:42› traced through git log, ADRs, decisions.md PRDcart-abandonment-recovery  ·  2024-08-12ERDcart-session-designADR0004-15min-cart-timeoutCOMMITabc123  ·  PR #847 reason: avoid orphaned sessions blocking inventory

Full ancestry — PRD → ERD → ADR → commit — instantly.

Already wrote the PRD? Pair with /fp-prd-to-erd to hand it to engineering — they'll get a contract-grade ERD in one step, with your acceptance criteria preserved.

For DevOps & SRE

DevOps, closer to the code

Stop hand-writing runbooks nobody reads. Stop chasing "why is it configured this way" across Slack scrollbacks. fastpace turns deploy decisions, post-mortems, and policy changes into reviewable, traceable git artifacts.

Codify deploy decisions

/fp-write-adr

We migrated ECS to Fargate last quarter — nobody fully remembers why.

example

$/fp-write-adr fargate-migration› cross-referencing infra/ for current config› checking decisions.md for prior infra choices Q: what changed?A: ECS-on-EC2 → FargateQ: why?A: ops burden of patching AMIsQ: cost impact?A: +12% (acceptable) ✓ wrote fastpace/docs/adr/0019-fargate-migration.md

Decisions you can find — and defend — in five years.

Postmortem → learning

/fp-extract-learnings

Each incident produces a doc nobody reads. Same mistake six months later.

example

$/fp-extract-learnings incident-2026-04-12› reading post-mortem from docs/incidents/› extracting reversals, surprises, workarounds redis cluster failover takes 90s, not 30salarm thresholds were calibrated for old trafficTTLs on hot keys must be staggered ✓ appended 3 entries to fastpace/context/learnings.mdstatus: unreviewed  ·  triage in fastpace ui

Same mistake never happens twice — the AI remembers.

Audit who changed what

fastpace why

Who tweaked the rate limiter at 3am Tuesday — and why?

example

$fastpace why infra/rate-limit.yaml› traced through git log, ADRs, decisions.md PRDrate-limit-endpointsERDrate-limit-designADR0011-token-bucketCOMMIT8a7f3  ·  PR #912 reason: throttle abusive scrapers without blocking legit traffic

Change history with motive — no Slack archaeology.

Pair with /fp-doctor to verify install health on every host, or fastpace status to summarize what's in flight before standup.

Reference customers · NDA only

Join our list of reference customers

fastpace is in design-partner phase. References are by request only, under NDA — no public logo wall, no fabricated stats, no testimonials we didn't earn. The trust we offer is the score-pause guarantee, not someone else's logo.

No fake logos

We don't list customer names we don't have. The only way you find out who else uses fastpace is to ask, sign an NDA, and we'll connect you to a reference.

No fabricated stats

We won't tell you "47% faster" or "1,200 engineers" until that's real and audited. The metric we promise to move — your domain-context score — is one you measure yourself.

No silent guardrail weakening

Every guardrail change is approved by you and logged to the hash-chained audit log. We will not silently weaken your audit signal — and you can verify it with a single command.

See the guarantee → Become a design partner

What CISOs are budgeting for

The numbers driving the 2026 conversation

Every claim below pairs a publicly cited 2026 CISO concern with the fastpace primitive that closes it — and the framework control it satisfies.

83%

CISOs concerned about autonomous agent misuse

Every fastpace agent has a declared identity, a bounded scope, and a circuit breaker on behavioral divergence.

See agent governance →

NIST AI RMF MEASURE-2.6 · EU AI Act Art. 14

78%

CISOs worried about data leakage via AI prompts

Pre-prompt redaction strips secrets, PII, and tagged-sensitive content before any prompt leaves the box.

See the redaction layer →

ISO/IEC 42001 §8.3 · EU AI Act Art. 10

75%

orgs have discovered unsanctioned AI tools in production

fastpace announces itself to your discovery stack with a manifest at a well-known path. No shadow AI by construction.

See discovery →

NIST AI RMF MAP-1.1

95%

security leaders doubt they could detect a compromised AI agent — and 95% effectiveness on detection alone is a failing grade

fastpace pairs deterministic Layer 1 controls (redaction, scope, blast-radius limits) with Layer 2 behavioral baselines and circuit breakers — so detection isn't the only line of defense.

See the four primitives →

NIST AI RMF MEASURE-2.7 · ISO/IEC 42001 §9.1

Spec-driven development, upgraded

PRD → ERD → execution plan, in your repo

Spec-driven dev usually stops at the spec. fastpace doesn't. PRDs become engineering designs (ERDs); ERDs become execution plans of waves, epics, and stories — grounded in your architecture, decisions, and patterns. Every artifact is a reviewable file in your repo, not a ticket in a separate tool. Tab through the steps.

Architectural pattern The lifecycle implements Plan-Then-Execute — tool calls are planned (PRD → ERD → execution-plan) before any agent is exposed to untrusted content during implementation. Specialist subagents (planner, reviewer, erd-guru) operate as Dual-LLM-shaped: a privileged coordinator orchestrates scoped specialists in fresh contexts.

Each step commits a reviewable artifact: PRD.md· ERD.md· execution-plan.json· watch-cards/· audit.log· status-reports/

Better PRDs

PRDs the AI can verify against your code

Most PRDs get written in a vacuum — assumptions about what exists, vague success metrics, no awareness of conflicting prior decisions. /fp-write-prd runs a structured interview, then cross-references every answer against the repo before writing the artifact.

interview /fp-write-prd credit-card-validation

Q. who hurts today?

user checkout shoppers typing bad credit cards

Q. what triggers the pain?

user no client-side validation; payment service rejects on submit

Q. success metric?

metric 40% fewer rejected card submissions

Q. in scope?

scope card number, expiry, CVC format checks

Q. out of scope?

scope 3DS, fraud scoring (later phase)

Q. rollout?

rollout 10% canary → 100% over 2 weeks

output fastpace/docs/prd/credit-card-validation.md

Problem shoppers · pain · trigger ✓
Goals measurable outcomes ✓
Non-goals explicitly excluded ✓
Users who benefits, who doesn't ✓
Success one north-star metric ✓
Scope in / out / later ✓
Open issues unanswered questions ✓

✓ wrote credit-card-validation.md · status draft

Why "grounded"? The interview is just the input. The PRD is reconciled against your repo before it lands.

cross-ref Compared answers to src/checkout/*.ts — flagged 2 capabilities already implemented.

glossary Used canonical term "checkout" (from glossary.md) instead of "purchase flow" from your input.

decisions Detected conflict with ADR-0003 (no PII in client logs) — surfaced for review.

patterns Suggested following the existing retry-with-backoff pattern from patterns.md.

PRD → ERD

Grounded designs

/fp-prd-to-erd reads the PRD and your fastpace/context/. The ERD that comes out already knows your decisions, your patterns, your domain terms.

PRD credit-card-validation.md approved

Problem

Checkout submits fail for 12% of users because bad card numbers aren't caught until the processor rejects them.

Who

Logged-in shoppers at checkout.

Goal

Reject invalid cards client-side before submit. Drop rejection rate below 3%.

Non-goals

Fraud scoring. Chargeback handling.

Success metric

Checkout submit success ≥ 97% (7-day average).

DOMAIN CONTEXT fastpace/context/

decisions.md

2025-02-14 — No PAN in logs. CVC never stored.

→ decides the security section

architecture.md

Checkout handler is POST /api/cart/submit · Express middleware chain.

→ fixes the entry point + boundary

patterns.md

## retry-with-backoff — withRetry(fn, { tries: 3, base: 200 })

→ picks the retry idiom

glossary.md

tenant — top-level partition. luhn — checksum.

→ names stay correct

ERD credit-card-validation.md drafted by Claude

Interface contract

POST /api/cart/submit pre-validates with validateCard(pan, month, year, cvc). from architecture.md

Acceptance criteria

• luhn checksum passes · • expiry in the future · • cvc is 3–4 digits names from glossary.md

Security

PAN never logged. CVC never stored. Redact in all error paths. from decisions.md (2025-02-14)

Reliability

External BIN lookup wrapped in withRetry(fn, { tries: 3, base: 200 }). from patterns.md

Rollback

Feature-flag cc_client_validation. Default off.

/fp-prd-to-erd credit-card-validation

→ drafted ERD at fastpace/docs/erd/credit-card-validation.md · 4 context files consulted

grounded

ERD → Execution plan

Plans that know your codebase

/fp-erd-to-execplan breaks an ERD into waves, epics, and stories — but sized by your architecture, patterns, learnings, and prior plans. Not generic estimates.

ERD credit-card-validation.md approved

Contract

POST /api/cart/submit with validateCard(…)

Acceptance

luhn · expiry · cvc 3–4 digits · BIN lookup fallback

Security

PAN redacted; CVC never stored

Reliability

Retry with backoff; idempotent server path

Rollout

Feature flag, 10% canary

DOMAIN CONTEXT fastpace/context/ + prior plans

architecture.md

Modules: checkout · billing · notifications. Shared @core/http for retries.

→ picks the modules each story touches

patterns.md

## retry-with-backoff · ## idempotency-key · ## feature-flag

→ reuses proven idioms → fewer stories

learnings.md

2025-03-02 — retry storms without jitter caused a thundering herd on recovery.

→ inserts a "jitter" story into wave 2

exec-plans/prior.json

Last feature of this size shipped in 3 waves · ~42h.

→ calibrates hour estimates

EXECUTION PLAN credit-card-validation.json 3 waves · 38h

3

waves

4

epics

10

stories

7

on critical path

W1

Validate client-side

1 epic · 3 stories · 12h

E1 client validation

S1 luhn + expiry checker patterns.md 4h ▸

S2 cvc format guard 2h ▸

S3 error UX states 6h

W2

Wire retries & server path

2 epics · 5 stories · 18h

E2 BIN lookup + retry

S4 withRetry wrapper patterns.md 3h ▸

S5 jitter on 5xx learnings.md 3h ▸

S6 idempotency header patterns.md 4h ▸

E3 server pre-validate

S7 submit middleware architecture.md 5h ▸

S8 PAN redaction logs decisions.md 3h

W3

Roll out

1 epic · 2 stories · 8h

E4 feature flag + metrics

S9 flag on 10% canary patterns.md 3h ▸

S10 dashboards + alerts 5h

/fp-erd-to-execplan credit-card-validation

→ saved fastpace/exec-plans/credit-card-validation.json · opens in fastpace ui to assign names & track progress

calibrated

Feature lifecycle

Backlog → Done

Domain context and spec is the new code Lock in the what and the why before any code gets written.

Planning

Spec

Write tests

Implement

Run tests

Document

Create PR

Push

/fp-new-feature · credit-card-validation

1 ⚡ planning

  problem:   pasting card numbers is error-prone
  user:      logged-in shoppers at checkout
  goal:      reject invalid cards before submit

✓ approve planning? yes

2 ⚡ spec
  drafting fastpace/docs/erd/cc-validation.md…
  • contract: validateCard(pan, month, year, cvc)
  • data model: no schema change
  • security: no PAN logged; CVC never stored
  • acceptance: luhn pass, expiry future, cvc 3-4 digits

✓ approve spec? yes

3 ⚡ write tests
  writing 14 failing tests in tests/cards.test.ts…

◐ phase 4 · implementing 0%
↳ state saved · watch-cards/credit-card-validation.json

Every phase

produces a durable artifact

Planning

problem · user · goal

✓

Spec

ERD · contracts · security

✓

Write tests

failing tests

◐

Implement

code to make tests pass

Run tests

green suite

Document

README · inline docs

Create PR

PR draft from ERD

Push

branch + PR opened

Approval gate per phase (developer / lead / architect)

State saved to watch-cards/ — resume any time

No push or PR without your explicit approval — ever

Stop, leave, come back

Pick up where you left off

Start working on a feature. Close your laptop. Come back tomorrow. State is saved after every phase — branch name, base branch, risk class, completed phases — so any AI or any engineer can reconstruct the full context in flight.

Artifacts persisted with the state
Watch cards at fastpace/watch-cards/<feature>.json
Swap models tomorrow — the card still works
Multiple features in flight at once — no merge conflicts in state

Credit card validation

feat/credit-card-validation → main

● medium risk updated 2h ago

✓ planning ✓ spec ✓ write tests ◐ implement run tests docs PR push

implement 0% 3 of 8 phases

Approvals

planning developer spec team_lead implement awaiting…

Artifacts

fastpace/docs/specs/cc-validation.md

resume with — Claude rehydrates the full state from this card.

Status reports

No more Jira-to-slides

fastpace reads your PRDs, ERDs, execution plans, git history, and in-flight features — then generates a structured report for leadership in seconds. Pick a period, an audience, the sections you want, and hit one button.

localhost:7777 / status-reports

Status reports

Configure the period and audience, pick what to include, then generate.

Report criteria

Reporting period

last 7 days

Audience

VP of Engineering

Include in report

✓ Last 7 progress ✓ Execution plan ✓ Risks / blockers ✓ Next 7 days

✓ saved to fastpace/docs/status-reports/2026-04-23-vp.md

Generated report ↓ rendered preview · saved to docs/status-reports/

Period

last 7 days

Audience

VP of Engineering

Last 7 days · progress

3 features

Credit card validation44% → 62%implement · Priya

Migrate auth to OIDC6% → 14%spec · Lee

Rate-limit endpoints58% → 82%create-pr · Sam

Execution plan

on track

Q2 · 9 weeks

Apr 1 — Jun 3

W1W2W3W4W5W6W7W8W9

cc-validation

62%

oidc

14%

rate-limits

82%

done active planned blocked

Risks & blockers

1 red · 1 yellow

OIDC rollout blocked

security sign-off pending

path to green security team review · ETA Tue · owner: Lee

Rate-limit provider at risk

quota changes possible next quarter

path to green draft fallback adapter · ETA this sprint · owner: Sam

Critical findings clear

none open this period

Next 7 days · priorities

Mon → Fri

Ship cc-validationcanary 10%Mon · Priya

Close OIDC specsign-offTue · Lee + legal

Publish rate-limits post-mortemdraftWed · Sam

Reports save as committable markdown in fastpace/docs/status-reports/ — the team gets a permanent version-controlled record.

Agent governance

Safe enablement, by primitive

83% of CISOs are concerned about autonomous agent misuse. fastpace answers with four primitives mapped to the three security-architecture principles governing AI agents — identity and inventory (well-defined human controllers), scope (power limitations), and observability (auditable actions). All deterministic Layer 1 controls — built into the runtime, not retrofitted on top.

Identity

Every fastpace agent declares what it can do. Nothing implicit. Nothing ambient.

# .claude/agents/reviewer.md frontmatter

agent_id: reviewer

allowed_tools: [Read, Grep, Glob, Bash]

allowed_paths: [src/**, tests/**, *.md]

allowed_command_patterns: [^git , ^rg ]

max_files: 40

max_tokens: 80000

Scope

Blast-radius limits per session. Circuit breaker on behavioral divergence.

$ fastpace agents log --agent reviewer --since 24h

reviewer · 12 files read · 0 written

reviewer · 1 shell command (rg)

! divergence: files 3.2× baseline (16 vs 5.0)

⏸ session paused — awaiting exception

fastpace exception request --agent reviewer …

Inventory

One command lists every agent, runtime, and identity on this machine.

$ fastpace inventory

REPOS (1)

acme-api · 7 agents · 15 hooks · 14 skills

AGENTS (7)

planner · reviewer · prd-guru · …

RUNTIMES (2)

bedrock-claude-opus-4.7 · vertex-*

HOOKS (15)

✓ runtime-guard · ✓ audit-logger · …

Observability

Every action and approval lands in a hash-chained, signed audit log. Tamper-evident by construction.

$ fastpace verify

AUDIT CHAIN

✓ chain integrity: 1,847 entries

✓ signatures verified 1,847

unsigned entries 0

LAST ENTRY

seq 1846

tool · phase Read · PostToolUse

entry hash 9961395dc0a22987…

Discovery first

Not shadow AI. Announced AI.

Every fastpace install writes a discovery manifest at two well-known paths — one per machine, one per repo. CrowdStrike, Wiz, and Beyond Identity scans walk those paths and find every install. No agent crawler. No laptop-scraping. No shadow AI.

1
Two manifest paths, one schema.
~/.fastpace/manifest.json rolls up every repo on the host. <repo>/fastpace/manifest.json declares what's wired into that repo — agents, hooks, runtimes, MCP servers, skills, integrations.
2
One command lists the fleet.
fastpace inventory aggregates across repos with provenance. --json for machine output. Pipe it into your SIEM, or call it from a discovery scan.
3
Signed by the install identity.
Every manifest carries the install's Ed25519 fingerprint. Forge-resistant proof of which install wrote which row — the substrate F1.12 sanctioned-install attestation builds on.

NIST AI RMF · MAP-1.1 ISO/IEC 42001 · §7.4 SOC 2 · CC1.4 / CC8.1 GDPR · Art. 30

~/work/acme-api · fastpace inventory

$ fastpace inventory

  install       3b63e2d3d7f44635  sha256:3b63e2d3…ccd7f3c7e38a9d78
  machine       acme-mbp-117  · version 0.4.0
  last refresh  2026-04-29T02:50:38Z

REPOS (2)
  acme-api      /Users/d/work/acme-api
    7 agents · 15 hooks · 14 skills · 2 runtimes  · last activity 2026-04-29
  acme-billing  /Users/d/work/acme-billing
    7 agents · 15 hooks · 14 skills · 2 runtimes  · last activity 2026-04-28

AGENTS (7)
  doc-writer · erd-guru · execution-planner · onboarder · planner · prd-guru · reviewer

RUNTIMES (2)
  bedrock-claude-opus-4.7
  vertex-*

HOOKS (15)
  on   runtime-guard
  on   audit-logger
  on   dangerous-command-guard
  on   secret-scanner
       … 11 more

MCP SERVERS (3)
  jira · linear · github

INTEGRATIONS (1)
  jira · issue-tracker

Evidence in seconds

One command. Every artifact the auditor reads.

fastpace snapshot --since 2026-01-01 bundles the full audit dossier into a single .tar.gz: every ADR, the hash-chained audit log, the per-call run manifests, the discovery manifest, and the framework-mapping doc. Auditors self-serve. Engineers don't have to be in the room.

~/work/acme-api · fastpace snapshot

$ fastpace snapshot --since 2026-01-01

BUNDLING
  context         7 files · 12 KB
  ADRs            23 decisions  · 84 KB
  audit log       1,847 entries · hash-chain valid
  manifests       412 receipts · all signed
  discovery       2 repos · 4.2 KB
  framework map   42 controls · 6 frameworks
  AI-BOM          v3 · CycloneDX-AI · 412 calls · score 87

✓ snapshot.acme-api.2026-04-29-10h17.2c8a4f.tar.gz (1.6 MB)

VERIFY
  fastpace verify            ✓ chain integrity: 1,847 entries
                             ✓ signatures verified  1,847
  fastpace verify-provenance 2c8a4f
                             ✓ commit · trailers · manifest · signature · audit-link
  signed by                  sha256:3b63e2d3d7f44635…

Auditor demo, no engineer needed.
Hand over the snapshot + the public key. They run fastpace verify on their machine and confirm tamper-evidence themselves.
Per-call receipts (F1.1).
Every AI invocation writes a signed manifest with model · endpoint · training-opt-out · prompt-hash · response-hash. Plaintext never leaves the box — only sha256 digests.
Framework mapping (F1.15) is shipped, not spoken about.
NIST AI RMF · ISO/IEC 42001 · EU AI Act · SOC 2 · ISO 27001 · GDPR controls cross-referenced to the primitive that satisfies each, with an evidence link per row.
Per-commit provenance (F2.3).
AI-attributed commits carry AI-Model:, AI-Manifest-Id:, AI-Approver: trailers. fastpace verify-provenance <sha> walks commit → trailers → F1.1 manifest → manifest signature → F0.2 audit-chain link and reports per-layer status. Five layers, all tamper-evident.
Per-release AI-BOM (F2.4).
One signed CycloneDX-AI envelope per release at fastpace/aibom/<tag>-<ts>.json aggregating every runtime invoked, training-opt-out status, total prompts, redaction events, correction events, AI-attributed commits, and the reliability score. The artifact for AI software supply chain.
Reproducible.
Snapshot filename carries the git SHA + ISO timestamp. Re-run with the same --since later and diff the bundles.

NIST AI RMF · MEASURE-2.7 ISO/IEC 42001 · §9.2 EU AI Act · Art. 12 SOC 2 · CC8.1

Safe enablement

What happens when something goes wrong.

The 94% of CISOs who chose "safe enablement" over "block everything" meant: fastpace must give developers a path forward when a guardrail fires, not a wall. Here's the four-step path that ships in 0.8.0.

1
Blast radius hits a cap.

Each agent's identity manifest declares max_files, max_commands, max_tokens, max_duration_seconds. Per-session counters live at fastpace/.agent-sessions/. The agent-scope-guard hook pauses on the call that would exceed any cap.
```
$ # 41st file read this session
[fastpace] agent "reviewer" denied: max_files exceeded (40 >= 40)
```
2
Or: behavior diverges from baseline.

F1.3 circuit breaker reads the prior 14 days of audit-chain entries, computes the average shape of a session for this agent, and pauses when the current session diverges by 2.5× on any of files / commands / duration. Refuses to fire below 3 sample sessions to avoid new-install false positives.
```
$ fastpace agents log --agent reviewer --since 24h
! divergence: files is 3.2× baseline (current=16, baseline_mean=5.0)
⏸ session paused — awaiting human approval
```
3
Coach agent points at the exception path.

Every block emits a structured coaching message with the exact fastpace exception request command pre-filled for the tool / path / agent. F1.9 is the answer to "blocked walls erode trust" — the developer always knows what to do next.
```
[fastpace coach] What you can do:
  • Adjust the agent's scope: `fastpace grant max-files reviewer 80 --reason "..."`
  • Request a time-boxed exception:
    fastpace exception request --tool Read --agent reviewer \
      --reason "investigating prod incident" --ttl 60
```
4
Exception with risk-tier classification.

Per CISO 01: avoid prompt fatigue. Risk tiers low (auto-pass), medium (self-approve), critical / irreversible / exfil_eligible (named reviewer required). Every exception writes a signed entry to the F0.2 audit chain, has a mandatory TTL, and shows up in fastpace exception list. The exception itself is the audit record.
```
$ fastpace exception list --json
{
  "id": "a14b2c",
  "granted_at": "2026-04-29T14:21:08Z",
  "expires_at": "2026-04-29T15:21:08Z",
  "risk_tier": "medium",
  "reviewer": "self",
  "agent": "reviewer",
  "reason": "investigating prod incident"
}
```

NIST AI RMF · MEASURE-2.6 / MANAGE-2.4 ISO/IEC 42001 · §9.1 EU AI Act · Art. 14 (human oversight) SOC 2 · CC8.1

Reliability we measure

The metric your AI vendor doesn't print on a slide.

Every time a developer edits AI-authored code, fastpace records a correction event — classified by severity (cosmetic / functional / security), tied to the agent that wrote the original, signed into the F0.2 audit chain. The events roll up into the AI reliability score — a single number, 0–100, that drops when the AI is making mistakes.

AI reliability score

87

/ 100

30-day window · 12,420 AI lines · 1,623 corrected

~/work/acme-api

$ fastpace reliability score

  score         87 / 100
  window        30 days
  AI lines      12,420
  corrections   102 events · 1,623 lines

BY SEVERITY
  cosmetic     41
  functional   58
  security     3   ← review the security column

BY AGENT
  reviewer            64
  planner             27
  doc-writer          11

TOP FILES
  18  src/auth/session.ts
  14  src/billing/charge.ts
   9  src/api/webhooks.ts

The audit-chain link.
Every correction event signs into fastpace/audit.log the same way an AI tool call does. The score has tamper-evident lineage. Rotate the F0.1 key and old corrections still verify against the archive.
Severity classification.
security fires when the changed text touches a sensitive token (password, secret, api_key, token, eval, child_process, exec). cosmetic requires every changed line to be whitespace, comment, or import only. Everything else is functional. Auditor-readable rule, no ML.
Per-agent breakdown.
If reviewer generates 60% of the corrections, fastpace grant the right scope or rewrite the agent's prompt. The metric is actionable, not just a dashboard pretty-printer.
Honest about what it can't measure.
Score returns null when there's no AI authorship in the window — no AI calls, no number to print. Fastpace doesn't fabricate a score from nothing.

NIST AI RMF · MEASURE-2.5 / MEASURE-3.2 ISO/IEC 42001 · §9.1 (performance evaluation) EU AI Act · Art. 15 (accuracy + robustness)

F2.15 · ROI dashboard

The slide procurement keeps asking for.

Dev-hours saved, AI-call cost, ROI ratio — derived from the same signed run manifests fastpace already writes for every AI call. Per repo, per agent, per runtime. Falls back to a clearly labeled source: sample dataset until your install has accumulated meaningful telemetry; flips to source: measured automatically.

ROI ratio

6.5×

$1 of AI-call spend → $6.50 in dev-hours saved

Saved (USD)

$33,300

222h @ $150/h blended · 30-day window

Cost (USD)

$5,110

1,184 calls · 4.2M tokens

Throughput

+38%

PRs/week 62 → 86 · time-to-merge 3.4d → 2.0d

~/work/acme-api

$ fastpace roi report

  source: sample  — this install has < 3 run manifests in window. Showing illustrative dataset.

  ROI ratio        6.5×  every $1 of AI-call spend returns $6.50 in dev-hours saved

  DEV-HOURS SAVED
    hours saved from calls     214
    hours saved from audit     8
    total hours                222
    blended rate               $150 / hour
    dollars saved              $33,300

  AI-CALL COST
    calls                      1,184
    tokens                     4,200,000  (2,810,000 in / 1,390,000 out)
    total cost                 $5,110

    by runtime
      bedrock-claude-opus-4.7              942 calls   $4,820
      bedrock-claude-sonnet-4.6            218 calls     $290
      bedrock-claude-haiku-4.5              24 calls       $8

  PER REPO
    acme-api       8.1×  ·  saved  $14,200 · spent  $1,750
    acme-web       5.4×  ·  saved   $9,400 · spent  $1,740
    acme-infra     4.9×  ·  saved   $6,200 · spent  $1,260
    acme-data      3.0×  ·  saved   $2,300 · spent    $360

📈

No fabrication.

The cost numerator is the F1.1 run manifest — every AI call writes a signed receipt with model, runtime, and input/output token counts. Pricing comes from an org-configured table at fastpace/budgets/policy.json > pricing.

⏱

Hours-saved heuristic, audit-readable.

2 / 6 / 12 minutes saved per call by response complexity, plus audit-prep hours saved per quarter (org-configurable). No ML — the multiplier is stable, written down in src/roi.js, and visible in the JSON output.

🏷

Sample data is labeled sample.

Until you have ≥ 3 run manifests in window, the dashboard surfaces a clearly tagged illustrative dataset and switches to source: measured automatically. The master roadmap forbids the alternative — the failure mode is fabricating ROI numbers customers can't trust.

🌐

Fleet rollup in the org dashboard.

@fastpace-ai/org-dashboard aggregates per-repo ROI into a fleet view at /api/org/roi, with team-level breakdowns when the agents → team mapping is configured.

Try it without installing → type fastpace roi report in the sandbox

Guardrails

Policies, not pleases

Configured in fastpace.config.yaml. Safe defaults out of the box.

fastpace.config.yaml click any tile above → the YAML updates live

fastpace will never silently weaken a guardrail — every change is approved by you and logged to fastpace/audit.log.

Framework coverage

Mapped to what auditors are actually asking about

Built into the product, not retrofitted onto it. Every fastpace primitive maps to a control in the frameworks the 2026 audit cycle is centered on — including the three new AI-specific ones.

Capability	AI-specific			Traditional infosec
	NIST AI RMF	ISO/IEC 42001	EU AI Act	SOC 2	ISO 27001	HIPAA
Discovery manifest	GOVERN-1.6	§7.4	Art. 12	CC6.1	A.5.9	§164.308
Agent identity & scope	GOVERN-3.2	§6.1.4	Art. 14	CC6.6	A.5.16	§164.312
Hash-chained audit log	MEASURE-3.1	§9.2	Art. 12	CC7.2	A.8.15	§164.312(b)
Run manifest signing	MEASURE-2.7	§8.5	Art. 12	CC8.1	A.8.34	§164.312(c)
Prompt redaction	MEASURE-2.10	§8.3	Art. 10	CC6.7	A.8.11	§164.308(a)(4)
ADRs & decision ledger	GOVERN-1.4	§7.5	Art. 11	CC8.1	A.8.32	§164.316(b)
Evidence snapshots	MEASURE-3.1	§9.3	Art. 11	CC2.2	A.5.32	§164.316(b)(2)
NHI inventory export	GOVERN-1.6	§7.4	—	CC6.2	A.5.16	§164.308(a)(3)

See full mapping & audit posture →

24 / 48 cells (50%) validated against the published framework text on 2026-05-03 — NIST AI RMF 1.0, EU AI Act (Regulation 2024/1689), and HIPAA Security Rule.

Cells marked • (ISO/IEC 42001, SOC 2, ISO 27001) remain illustrative pending validation against those paid standards. Specific requirements vary by audit firm, scope, and jurisdiction — confirm exact mappings with your auditor.

Deployable surfaces

Two more things ship in the box

Beyond the CLI that lands in every developer's repo, fastpace ships two standalone surfaces — one customer-facing, one self-hosted. Each is its own npm package, deployable independently, and reuses the same signed-artifact substrate so trust never has to be re-established.

For customers + auditors

trust.fastpace.net

@fastpace-ai/trust-portal · Astro · static deploy

Self-serve security posture. The page a CISO bookmarks once their procurement team starts an evaluation. Artifact-driven — attestations, sub-processors, and questionnaires live in version-controlled JSON so every change has a git history a procurement reviewer can audit.

Attestations — SOC 2, ISO 27001, ISO 42001 with current status + targets.
Sub-processors — short list with regions; pass-through tagging for runtime providers that aren't fastpace's responsibility.
Questionnaires — pre-answered CAIQ, SIG Core, SIG Lite, VSA + custom turnaround under NDA.
Threat model — STRIDE summary with residual-risk callouts, deep-linked to the public THREAT-MODEL.md.
Evidence request — six artifact kinds, signed delivery within 5 business days.

Visit the portal → Source on GitHub

npm install -g @fastpace-ai/trust-portal deploy on any static host (Cloudflare Pages, Vercel, Netlify, S3+CloudFront, your own NGINX)

For your fleet

@fastpace-ai/org-dashboard

fastpace-org binary · Node · self-hosted HTTP server

Aggregate signed audit summaries across every fastpace install in your org. Stays inside your firewall — fastpace doesn't operate a SaaS for your fleet data. The same Ed25519 identity that signs per-repo audit chains signs the summary that lands here.

Signed ingest — verifies every summary against a configured trusted-keys map (install_id → public key).
Fleet rollup — most-recent-per-install + aggregate framework-readiness, reliability, AI-commit volume.
Fleet-wide circuit-breaker baselines — sample-weighted aggregation; new installs borrow fleet baselines until their own samples are sufficient.
SAML envelope verifier — F1.14 real signature + window + audience check; configure via env.
Replication-ready — F3.11 audit-replication contract works the same way at the dashboard layer.

README + deploy guide → Reference architectures

npm install -g @fastpace-ai/org-dashboard terminate TLS at your reverse proxy; trusted-keys via Vault / AWS Secrets Manager / sops

Both packages depend on @fastpace-ai/fp via npm workspaces. No new runtime deps — the trust portal adds Astro as a build-time dep only, the org dashboard runs on Node http with zero external dependencies.

Vendor-agnostic by design

No vendor lock-in — context stays in git

Free of vendor dependence Committed to git. Works with any LLM runtime.

Your team's brain, in git

Business rules, ADRs, patterns, lessons — all plain markdown. Any AI runtime rehydrates instantly.

Swap models, keep context

Claude today, Codex tomorrow — same repo, same brain.

Onboard in one git clone

A new engineer inherits the institutional knowledge.

Remembered, not rediscovered

Review findings and reversals persist across sessions.

ADRs, not folklore

Decisions land with rationale, tradeoffs, and what was rejected. SOC 2 CC8.1 + NIST AI RMF GOVERN-3.2 evidence on file by default.

Business rules, not just code

Every session knows the why, not just the how.

Click any file on the right to preview what the AI sees.

fastpace / context /

Entry points, module boundaries, data flow.
Languages, frameworks, runtimes, pinned versions.
Naming, commits, test file locations, coding style.
Domain terms a cold reader would not know.
Recurring code idioms worth reusing — retry, pagination, auth.
ADR-lite: what was decided, why, what was rejected.
Hard-won knowledge from incidents and reviews.

architecture.md

Capture knowledge manually with /fp-remember, or let it grow organically as you use fastpace.

Skills

What you can type, in one command

Markdown-defined skills the AI invokes contextually — every step of the lifecycle gets a /fp-* command. Click any tile.

Developer power tools

CLI commands that earn their keep

A handful of focused commands that make the daily loop faster — each one paired with a /fp-* skill so the same thing is one step away inside Claude Code.

Hover a command to see details.

fastpace snapshot

audit-ready

auditor-ready evidence package

Bundles fastpace/ with the git SHA + branch in the filename. Excludes integrations secrets and rejected-learning archives. Hand it to an auditor, attach it to an issue, snapshot the change-management evidence in one command.

⚡ snapshot --since 2026-01-01

✓ wrote fastpace-snapshot-2026-04-24-a1b2c3d4.tar.gz
  · git sha:   a1b2c3d4…
  · branch:    feat/credit-card-validation
  · files:     ADRs, decisions.md, audit.log, manifests/
  · size:      18.2KB

fastpace search <query> /fp-search

audit-ready

auditor questions, answered in seconds

Instant, local full-text search across fastpace/context/, docs/, ADRs, exec-plans, and audit.log. No AI. Ranked file:line hits with 3-line context + term highlighting. The "show me how X meets control Y" answer in one command.

⚡ search "GDPR" · 4 hit(s)

fastpace/context/decisions.md:17  [context]
  │ ## 2025-03-02 — Data deletion within 30d (Art. 17)

fastpace/docs/adr/0014-soft-delete.md:8  [adr]
  │ supports right-to-be-forgotten

fastpace why <path>[:line] /fp-why

audit-ready

every line, traced to its decision

Traces a file back to the PRD/ERD/ADR/pattern/plan that touched it, plus the introducing commit + recent changes. Richer than git blame — grounded in your fastpace brain. Provenance answer for "why does this code exist?"

⚡ why src/handlers/checkout.ts:62

ERDs reference this
  fastpace/docs/erd/credit-card-validation.md  Credit card validation

Decisions touching the module
  fastpace/context/decisions.md:14  ## 2025-02-14 — No ORM in handlers

Git history
  introduced: 9c1a3f2 2025-02-10 priya · feat(checkout): wire card validator

fastpace doctor /fp-doctor

'why isn't this working?' in one command

Checks Node version, config parseability, .claude install completeness, hook permissions, foundation context files, orphan watch cards, .gitignore posture. Reports pass / warn / fail with a concrete fix command per issue.

⚡ doctor · 9 ok · 1 warn · 0 fail

  ✓ fastpace.config.yaml   parsed ok
  ✓ .claude/settings.json  valid
  ! context/ foundation    4/7 present — missing: glossary.md, patterns.md
    → fix: run /fp-discover in Claude Code
  ✓ watch cards            3 tracked

fastpace resume [slug] /fp-resume

pick up an in-flight feature

Prints a watch card's phase progress, branch diff vs base, next approval required, and the exact /fp-new-feature command to paste into Claude Code. Kills the 'where was I?' moment.

⚡ resume credit-card-validation

  Credit card validation
  feat/credit-card-validation → main · updated 2h ago

  ✓ planning  ✓ spec  ✓ write-tests  ▸ implement  tests  docs  PR  push
  ████████████░░░░░░░░░░░░░░░░░  3 of 8 · 37%

resume in Claude Code:
  /fp-new-feature credit-card-validation

fastpace validate /fp-validate

lint PRDs / ERDs / plans before merging

Catches missing required sections, empty Security blocks, dead ADR links, stories > 16h, stories without acceptance criteria, and glossary casing drift. Exit 1 so CI gates merges.

⚡ validate · 2 error(s) · 1 warn(s)

  ✗ fastpace/docs/erd/oidc-migration.md  [erd-sections]
    ERD missing required section(s): security, acceptance criteria
    → fix: add "## Security" (and the others) — see /fp-write-erd
  ! fastpace/docs/erd/cc-validation.md  [erd-adr-link]
    references ADR 0012 which was not found

fastpace pr-summary /fp-pr-summary

draft a PR body from the linked ERD

Generates a grounded PR description (Summary · Linked artifacts · Acceptance · Security · Rollout · Changes) from the ERD and `git log`. Pipes straight into gh — never invents acceptance criteria.

## Summary

Client-side card validation to drop the 12% of checkouts
rejected by the processor as invalid.

## Linked artifacts
- ERD: `fastpace/docs/erd/credit-card-validation.md`

## Acceptance
- [ ] luhn checksum passes
- [ ] expiry in the future

Underlying primitives

What's actually wired into your repo

Skills sit on top of three primitives that ship with fastpace: agents (subagents that handle specialist work), hooks (local interceptors on every tool call), and guardrails (project-wide policies). Tab through to see each.

Agents

Specialist agents

Each agent runs in a fresh context with a tight scope and minimal tool access.

`planner`

Turns a goal into a numbered plan.

`reviewer`

Reviews diffs vs. architecture and decisions.

`prd-guru`

Interviews you and drafts a PRD.

`erd-guru`

Translates PRDs into ERDs.

`execution-planner`

Waves → epics → stories.

`doc-writer`

Updates docs without noise.

Hooks

Hooks enforce guardrails

Pre-use hooks block the call before it runs. Post-use hooks observe and log. Each hook is also tagged by intent — audit & safety or velocity — so the compliance story stays legible.

pre-use · block 5

secret-scanner audit & safety

Blocks writes containing AWS keys, tokens, private keys, or Stripe secrets.

push-guard audit & safety

Refuses force-push to protected branches. Refuses auto-push when disabled.

dangerous-command-guard audit & safety

Blocks rm -rf /, git reset --hard, curl | sh, and a dozen other footguns.

commit-validator velocity

Enforces conventional commit format (configurable).

branch-guard audit & safety

Prevents commits directly to main/master or other protected branches.

post-use · observe 2

dependency-alert audit & safety

Alerts on new npm deps outside your approved scopes. Block or warn.

audit-logger audit & safety

Appends every tool use to fastpace/audit.log — hash-chained for tamper evidence.

Guardrails

Policies, not pleases

Configured in fastpace.config.yaml. Safe defaults out of the box.

fastpace.config.yaml click any tile above → the YAML updates live

fastpace will never silently weaken a guardrail — every change is approved by you and logged to fastpace/audit.log.

What ships

Seven surfaces. Forty-eight specific capabilities. One install.

fastpace ui opens a 100% local dashboard with seven sidebar groups. Each group is a column of work fastpace already does for you — no separate tool, no SaaS. Click into the demo below to walk every panel; here's the inventory.

live Every metric below auto-updates as your team uses fastpace. Local reads are real-time; fleet rollups push every 5 min via F3.11 audit replication; webhooks fire instantly on hook events. No separate metrics pipeline — the data plane is the audit plane.

Audit & provenance

7 capabilities

Tamper-evident evidence for every AI call, every commit, every session.

Hash-chained audit log F0.2 · append-only, signed; `fastpace verify` walks the chain
Signed run manifests F1.1 · model + endpoint + opt-out + prompt/response hashes per call
Provenance trailers F2.3 · git trailer ties every commit to the AI artifacts behind it
AI-BOM F2.4 · signed Bill of Materials for every session, exportable to Sigstore
Explanations F2.2 · per-line traces from code → PRD → ERD → ADR → pattern
Open audit schema F2.12 · published JSON schema, no proprietary lock-in
Replication contract F3.11 · S3/GCS push of audit shards on a schedule

Reliability & risk

6 capabilities

Numbers — not vibes — for whether the AI's getting better or worse.

Reliability score F2.1 · LCS-blame on AI edits → human corrections → trend over time
Risk register F2.10 · CRUD + framework control mapping; surfaces in trust portal
Red-team harness F2.7 · scenarios run against your install; per-org overrides supported
Control monitor F2.5 · observes control effectiveness over time, flags drift
Pre-merge audit gate F2.9 · blocks PRs missing required evidence before review
Performance benchmarks F6.3 · `fastpace bench` reports p50/p95/p99 on every hook

Agents & guardrails

9 capabilities

Every agent declares what it can do — and the runtime enforces it.

Agent identity manifests F0.4 · tools, paths, command patterns, max-files / tokens / commands
Agent scope-guard hook F0.4 · blocks any tool call outside the manifest, at runtime
Prompt redaction F0.5 · masks secrets + sensitivity-tagged context before send; PII overrides
Circuit breaker F1.3 · per-agent behavioral baseline → divergence alert → auto-pause
Exception workflow F1.8 · violations queue with reason → coach reviews → resolution recorded
Coach feedback loop F2.14 · per-block rating tokens → per-policy effectiveness rollup
Correction detection F2.1 · LCS diff + git blame; tracks every AI-edited line that humans rewrite
MCP scope mediator F1.7 · MCP server declares scope; out-of-scope calls blocked
SAST/lint required hook F2.13 · Semgrep + ESLint adapters bundled; extensible to CodeQL / Snyk

Identity & inventory

5 capabilities

Discoverable from day one — every install, every runtime, every key.

Ed25519 install identity F0.1 · keypair, rotate, revoke, sign, verify; private key 0o600
Discovery manifest F0.6 · announced at well-known path; powers fleet inventory
Approved runtime registry F1.11 · only sanctioned model endpoints; drift flagged
Sanctioned-install attestation F1.12 · Sigstore-style envelope on every install
Sensitivity-tagged context F1.10 · frontmatter on context files; redactor honors sensitivity level

Org & policy

7 capabilities

Roll fastpace across the org without losing per-repo autonomy.

Framework mapping F1.15 · NIST AI RMF, ISO 42001, EU AI Act, SOC 2, ISO 27001, GDPR
NHI registry export F1.5 · integration partner with Astrix / Oasis / Entro — emit standard inventory, never compete
Org dashboard F1.13 · standalone server; ingest, rollup, baselines across repos
SSO / SCIM / RBAC F1.14 · SAML envelope verifier; auto-provision via SCIM; role grants
Compliance push F2.8 · payload shaping for Drata / Vanta / Secureframe
Policy DSL F3.3 · lightweight non-OPA rules; allow / block / coach actions
Webhook event bus F3.10 · producers wired into key hooks; mock receiver for tests

Documents & planning

9 capabilities

PRDs, ERDs, ADRs, plans — versioned in your repo, not a separate tool.

PRDs · ERDs · ADRs Markdown in your repo; agents draft, you review, audit captures both
Execution plans ERD → waves → epics → stories; every link a reviewable file
Status reports `/fp-status-report` rolls up the lifecycle without copy-paste
Integrations sync Jira · Linear · Confluence · Google Docs (Layer 2 + auto-discover)
Reference resolution BM25 + Drive auto-discovery (off by default; consent per-repo)
DORA + delivery metrics Local rollup of cycle time, deploy freq, MTTR per repo
Learnings + watch cards Captured during sessions; surface in next planning round
Self-healing context refresh F3.8 · stale ADR / orphan reference detection + repair
Per-team budget caps F3.9 · token + cost ceilings per team; dashboard reporting

Local-only surface

5 capabilities

100% local. Zero telemetry. Air-gap optional.

fastpace ui Local dashboard on 127.0.0.1:7777; never phones home
fastpace me F3.5 · per-developer rollup; nothing leaves your laptop
Mobile-friendly UI F3.6 · responsive grid + tap targets; same data, smaller screen
Air-gapped install bundle F3.2 · `dist/fastpace-airgap-*.tgz`; verified zero-outbound install
Hash-chain offline verifier F3.1 · export bundle + standalone verifier; runs without fastpace

Source of truth: every capability above maps to a module in packages/fp/src/ and a sidebar view in packages/dashboard/. The numbered F-IDs trace to the master roadmap.

AI-Native Maturity

A single number for whether your team is getting AI-native right.

Nine industry-standard competencies — Project Setup, Spec-Driven Development, Context Management, Testing, Harness, Architectural Guardrails, Review Maturity, AI SDLC, Prompt Engineering — rolled into one 0–100 score. Auto-updated as your team works: local reads are real-time, fleet rollups push every 5 min, webhooks fire instantly.

The audit plane is the metrics plane. Same primitives that prove compliance to a CISO produce the velocity metric a CTO puts on a board slide. fastpace maturity from the CLI, Maturity view at the top of the local UI sidebar, fleet rollup on the org dashboard, opt-in publication on trust.fastpace.net.

All 9 sub-scores measured in v0.30 — F4.4 test parity, F4.6 ADR drift, F4.7 review maturity, F4.8 DORA-by-attribution, and F4.9 prompt effectiveness shipped this sprint (see packages/fp/assets/docs/ai-native-maturity.md for the rubric).

How it works

Layered, not replaced

fastpace sits between you and your AI runtime. Nothing else changes.

You

/fp-* commands

fastpace

skills · agents · hooks

AI runtime

Claude · Codex · Gemini

Your repo

source of truth

your-repo / where things live

your-repo/
├── .claude/
│   ├── skills/             markdown skills
│   ├── agents/             specialist agents
│   ├── hooks/              pre/post tool hooks
│   └── settings.json       wires up hooks
└── fastpace/
    ├── fastpace.config.yaml
    ├── context/            domain brain
    │   ├── architecture.md
    │   ├── decisions.md    append-only
    │   └── learnings.md    append-only
    ├── docs/
    │   ├── prd/  erd/  adr/
    │   └── status-reports/
    ├── exec-plans/         JSON, loads into UI
    ├── watch-cards/        in-flight state
    └── audit.log           append-only log

What happens when you run a skill

1

Claude loads the skill

Your /fp-* command loads the skill's markdown from .claude/skills/.
2

Context is rehydrated

The skill directs Claude to read fastpace/context/ first — decisions, patterns, glossary, learnings.
3

Specialist agents, if needed

Reviewer, planner, erd-guru. Each runs in a fresh context with tight tool access.
4

Hooks enforce guardrails

Pre-use hooks block risky calls and redact prompts. Post-use hooks log every tool use to audit.log.
5

Audit log is hash-chained

Every entry signs the previous one. Run fastpace verify to walk the chain — tamper-evident by construction. NIST AI RMF MEASURE-2.7.
6

Every artifact lands in the repo

Committable, reviewable. No cloud. No telemetry. Swap models tomorrow — context survives.

Local dashboard

100% local dashboard — click around or take the tour

Each repo gets its own 100% local UI. Run fastpace ui inside any repo — a Node HTTP server boots on localhost and opens a dashboard scoped to that project. Browse the audit log, ADR ledger, decisions, and exception queue without leaving the local UI. Zero cloud. Zero telemetry. Your code never leaves the machine.

http://localhost:7777

fastpace

checkout-svc

Search · ⌘K

Compliance

v0.1.0

local · no cloud

Dashboard / In-flight features

⌘K

In-flight features

Every feature started with /fp-new-feature persists to fastpace/watch-cards/.

Credit card validation

feat/credit-card-validation → main

● medium risk updated 2h ago

✓ planning ✓ spec ✓ write tests ◐ implement run tests docs PR push

implement · 62% 3 of 8 phases

Migrate auth to OIDC

feat/oidc-migration → main

● high risk updated yesterday

✓ planning ◐ spec write tests implement run tests docs PR push

spec · 28% 1 of 8 phases

Rate-limit public endpoints

feat/rate-limits → main

● low risk updated 4h ago

✓ planning ✓ spec ✓ write tests ✓ implement ✓ run tests ✓ docs ◐ PR push

PR · 54% 6 of 8 phases

Audit chain

Tamper-evident by construction. fastpace verify walks the chain in seconds.

$ fastpace verify
[ok] chain integrity: 1247 entries
  signatures verified  1247
  unsigned entries     0

last entry
  seq          1246
  ts           2026-04-30T14:21:08Z
  tool · phase Read · PostToolUse
  summary      {"file_path":"src/auth/session.ts","agent":"reviewer"}
  entry hash   a14b2c8f3d9e7c2a1b4f...

What an auditor sees: deterministic verification. No "trust us" — every entry proves itself. The pre-merge audit gate (F2.9) runs this in CI on every PR.

Provenance

F2.3 — every AI commit carries Fp-* trailers binding it to a manifest, agent, prompt hash. Five-layer verify in seconds.

$ fastpace verify-provenance HEAD
[ok] commit       a8f3c2b9  feat(billing): add idempotency keys
[ok] trailers     Fp-Run-Manifest, AI-Model, AI-Agent, AI-Prompt-Hash
[ok] manifest     2026-04-30T14-21-08Z-a3b8c1.json
[ok] signature    verified against install fingerprint
[ok] audit-link   manifest_id present in audit chain at seq 1198
[ok] explanation  retrieval context + approval chain present

5/5 layers verified.

Org dashboard self-hosted

F1.13 — @fastpace-ai/org-dashboard standalone binary. Self-hosted aggregator: ingests signed audit shards from every install, verifies them against the org SAML envelope, computes per-repo / per-team / per-org rollups. No cloud.

$ fastpace-org-dashboard --port 8443 --store ./fp-org-store
[ok] ingest endpoint    POST /api/org/ingest
[ok] rollup endpoint    GET  /api/org/rollup
[ok] maturity endpoint  GET  /api/org/maturity
[ok] baselines endpoint GET  /api/org/baselines
[ok] SAML envelope      verified · 14 installs · 7 teams
[ok] last ingest        2026-05-01T17:08:42Z · checkout-svc · 12 entries
[ok] serving on         https://0.0.0.0:8443

GET /api/org/maturity

{
  "ok": true,
  "repo_count": 14,
  "maturity": {
    "aggregate": 68,
    "reporting_repos": 14,
    "total_repos": 14,
    "status": "measured",
    "sub_scores": [
      { "fId": "F4.1", "label": "Project Setup",           "pct": 84, "reporting_repos": 14 },
      { "fId": "F4.2", "label": "Spec-Driven Development", "pct": 71, "reporting_repos": 14 },
      { "fId": "F4.3", "label": "Context Management",      "pct": 62, "reporting_repos": 14 },
      { "fId": "F4.5", "label": "Harness Engineering",     "pct": 76, "reporting_repos": 14 }
    ]
  }
}

Deploy targets

npm install -g@fastpace-ai/org-dashboard

store backendfilesystem · S3 · GCS · Azure Blob

authnF1.14 SAML envelope · SCIM auto-provision · RBAC

data planeyour VPC; never phones home

Tour as:

1 of 8

The local UI

Every fastpace install ships a local dashboard that runs entirely on your employees' machine — no SaaS in the data path. Pick a persona above to walk only the views that matter to your role.

Org dashboard

Self-hosted fleet aggregator — your VPC, your data plane

@fastpace-ai/org-dashboard is a thin Node HTTP server that ingests signed audit summaries from every fastpace install, verifies them against your SAML envelope, and rolls them up by repo / team / org. Deploy it inside your VPC; fastpace.net never sees the data.

fleet · acme-corp

⚡ https://fastpace.acme-corp.com:4444 self-hosted

Fleet overview

Aggregated from signed shards. Each install pushes via F3.11 every 5 min; the dashboard polls + recomputes on ingest.

repos

14

teams

7

developers

62

chains ok

14/14

org maturity

68

framework readiness

82%

Top 5 repos by maturity

billing-apipayments81

checkout-svcpayments72

acme-webgrowth64

notificationsplatform55

internal-toolsinfra42

Recent ingests

checkout-svc · 12 audit entries · maturity Δ +138s

billing-api · 7 audit entries · maturity steady2m

acme-web · 21 audit entries · 1 new exception5m

notifications · circuit breaker tripped on doc-writer14m

Repos · 14 reporting

Sortable. Click a repo to drill into its per-shard history, exception queue, and audit-chain offset. (Not interactive in demo.)

Repo	Team	Maturity	Reliability	AI commits 30d	Last shard
`billing-api`	payments	81	94	312	1m
`checkout-svc`	payments	72	91	284	38s
`acme-web`	growth	64	87	421	5m
`notifications`	platform	55	72	198	14m
`internal-tools`	infra	42	—	54	2h
+ 9 more · scroll or paginate in live UI

Teams · 7

Team rollups average per-repo maturity weighted by AI activity. Provisioned via SCIM from your IdP.

Team	Repos	Devs	Maturity	Reliability	Trend (30d)
payments	2	11	76	92	↑ +4
growth	3	9	63	87	↑ +2
platform	4	14	58	74	→ 0
infra	2	6	44	—	↓ -3
data	1	8	61	89	↑ +5
mobile	1	7	71	90	↑ +1
internal	1	7	38	—	↓ -1

Ingest log

Every shard arrives signed. Verify failure → reject without ingest. Last 24h:

[2026-05-01T17:08:42Z] ingest  checkout-svc      sig ok  entries=12  Δ-maturity=+1
[2026-05-01T17:06:11Z] ingest  billing-api       sig ok  entries=7   Δ-maturity= 0
[2026-05-01T17:03:55Z] ingest  acme-web          sig ok  entries=21  Δ-maturity=-1
[2026-05-01T16:54:30Z] ingest  notifications     sig ok  entries=4   Δ-maturity= 0
[2026-05-01T16:54:30Z] alert   notifications     circuit_breaker tripped (doc-writer +37%)
[2026-05-01T16:48:12Z] reject  rogue-clone       sig MISMATCH  envelope=unknown_install
[2026-05-01T16:42:06Z] ingest  data-pipeline     sig ok  entries=15  Δ-maturity=+2
[2026-05-01T16:33:51Z] ingest  mobile-ios        sig ok  entries=9   Δ-maturity=+1
[2026-05-01T16:21:18Z] ingest  internal-tools    sig ok  entries=2   Δ-maturity=-1
…

Fleet baselines

F1.3 — per-agent behavioral baseline averaged across the fleet, weighted by sample size. Repos with too few samples fall back to fleet baseline.

Agent	Avg edits / session	Avg duration (s)	Avg tokens	Samples
`planner`	0 (read-only)	184	89,400	3,124
`reviewer`	3.2	222	74,800	2,891
`prd-guru`	1.1	318	52,300	1,408
`erd-guru`	2.7	402	68,100	1,202
`execution-planner`	1.8	271	71,400	1,184
`doc-writer`	4.4	156	32,800	1,932
`onboarder`	0.6	112	21,500	614

API endpoints

Read-only HTTP surface for the dashboard. Same shape as the local UI's /api/*; consumers just point at the org port instead of :7777.

Method	Path	Returns	Auth
`POST`	`/api/org/ingest`	ack of received shard	signed envelope
`GET`	`/api/org/rollup`	fleet rollup + per-repo	SAML session
`GET`	`/api/org/maturity`	F4.12 aggregate + sub-scores	SAML session
`GET`	`/api/org/installs`	roster of every reporting install	SAML session
`GET`	`/api/org/baselines`	per-agent fleet baselines	SAML session
`GET`	`/api/org/summary`	single-repo build (dev)	local only
`POST`	`/api/auth/saml`	verify envelope, return role	none

Run it locally now: npm install -g @fastpace-ai/org-dashboard then PORT=4444 fastpace-org. Same surface as this mockup, reading from a sample store. Production deploys live in your VPC — we never see the data plane.

7 panels · ~60 seconds

Trust portal

Buyer-facing — what a CISO sees before signing

A dedicated website for your business at trust.fastpace.net. You can opt in to publish their org maturity number alongside the standard attestation roadmap, sub-processor list, threat model, and self-serve evidence-request flow. Built from signed audit summaries — your auditor can verify what's on this page came from your install.

trust · acme-corp

🔒 https://trust.fastpace.net/acme-corp public · consent-gated

⚡ Acme Corp trust posture

Org maturity

68 / 100

14 repos · 7 teams · last refresh 38 sec ago. Auto-updated from signed audit shards.

Attestations

in progress SOC 2 Type I · Q3 2026
planned SOC 2 Type II · Q1 2027
planned ISO 27001 · Q2 2027
planned ISO 42001 · Q4 2027

Sub-processors

GitHub source code · open source
Cloudflare DNS + edge
Anthropic / OpenAI / Google pass-through · your contract

Frameworks mapped

NIST AI RMF · ISO 42001 · EU AI Act · SOC 2 · ISO 27001 · GDPR · PCI-DSS · HIPAA

Threat model

STRIDE walk against every shipped fastpace primitive. view ↗

Evidence request

Self-serve flow. Signed snapshot of fastpace/ bundled into a tarball, delivered via signed URL. Re-uses F1.14 RBAC.

Attestations

Honest about timing. We will not claim certifications we don't hold. Reports are available under NDA on completion.

Framework	Status	Target	Note
SOC 2 Type I	in progress	Q3 2026	Audit initiated; report under NDA on completion.
SOC 2 Type II	planned	Q1 2027	Follows successful Type I + 6 months operating period.
ISO 27001	planned	Q2 2027	Stage 1 + Stage 2 audit.
ISO 42001	planned	Q4 2027	AI management system attestation.
NIST AI RMF	self-attested	—	Mapping at `/framework-mapping`.
EU AI Act	self-attested	—	Article-level mapping in framework doc.

Sub-processors

The complete list of third parties that touch fastpace data. Pass-through providers (model runtimes) are governed by your direct contract with them, not fastpace.

Vendor	Purpose	Region	Status
GitHub	Source code repository for the open-source project. fastpace itself does not transit customer code through GitHub.	US	active
Cloudflare	DNS + static asset delivery for fastpace.net marketing site.	Global edge	active
Anthropic	Pass-through. fastpace mediates the developer's direct call to Claude; data flows are governed by the developer's own contract with Anthropic.	n/a	pass-through
OpenAI	Pass-through. Same as above for GPT.	n/a	pass-through
Google	Pass-through. Same for Gemini / Vertex.	n/a	pass-through

The live trust portal lives at trust.fastpace.net. Each customer can opt in to publish their org maturity card alongside the standard rubric — the same data that flows to the org dashboard above, just exposed read-only with explicit consent.

7 panels · ~60 seconds

Test-drive — no commitment

Try fastpace in a sandbox first

Before pointing it at your real repo, take fastpace for a spin in a throwaway directory. Five minutes, nothing touched outside the sandbox — just enough to feel the flow and decide if it's for you. The hash-chained audit log is on from minute one, even in the sandbox.

First, install globally

🧪

recommended first try

Test-drive in a sandbox repo

5 min

Spin up a fresh sandbox directory — nothing in your real repos is touched:
Scaffold fastpace and let it seed a sample feature:

--sample writes a tiny demo PRD, ERD, and watch card so the dashboard isn't empty on first launch.
Launch Claude Code (or Codex / Gemini CLI) inside the sandbox and try a command:
Once you've felt the flow, blow it away — no traces left:
Done!
Liked it? Move on to Brownfield or Greenfield below to point fastpace at your real repo.

When you're ready for the real thing

🌳

existing repo

Brownfield

Clone your repo, enter it, and scaffold fastpace:
Launch Claude Code, then run:
Done!
Ask questions with or build with

🌱

new repo

Greenfield

Create your project directory, enter it, and scaffold fastpace:
Add your code repos as submodules:
Launch Claude and run:
Done!
Start with while fastpace watches over you.

🧹

when the evaluation ends

Uninstall cleanly

your files survive

Every file fastpace touches gets recorded in a signed install-manifest. Uninstall reads that manifest and removes only what fastpace itself placed — your own hooks, agents, skills, and settings entries are provably untouched. Pick the scopes you want included; the command composes live below.

Scope default = user-global only (gentle). Add scopes for more cleanup.

user-global manifest always included — removes anything fastpace placed in ~/.claude/

--repo also remove fastpace-installed files from this repo's .claude/

--settings reverse-merge fastpace's keys out of settings.json (preserves your own hook entries)

--fastpace-dir also remove the repo's fastpace/ directory — audit log will be lost

--user-identity also remove ~/.fastpace/ — destroys the Ed25519 identity that signs the audit chain

--force · non-interactive (CI / scripts) --dry-run · print the plan, change nothing

composed command

fastpace uninstall

removes user-manifest files; preserves your own .claude/ files, fastpace/, settings.json, and ~/.fastpace

+

Remove the CLI itself drops the global npm package after the cleanup above

Power-user flags + recovery

--all — shorthand for --repo --settings --fastpace-dir
--everything / --nuke — shorthand for --all --user-identity (full back-out, double-confirm)
--keep-modified — never delete files whose content diverges from what fastpace installed (default under --force)
--force-delete-modified — delete modified files anyway (use sparingly)
--skip-manifest-verify — proceed even if the manifest signature is invalid (recovery for tampering / corruption). Combine with --dry-run first to inspect.

Heads up on --user-identity: this destroys the F0.1 Ed25519 keypair. Past audit logs signed by that key remain verifiable only against the archived public key. Run fastpace identity show --json > identity.json first if you want a copy for later forensic verification.

Nothing about fastpace phones home. Removing the CLI removes the binary; no server-side state to clean up. The licensing service auto-prunes inactive install_ids after 90 days, on our side — no action needed from you.

Keep it up to date

Adopt at your pace

At your pace

Test-drive on day one. Turn on phases as the team gets comfortable — and watch the audit signal compound alongside.

Day 1

Crawl

Test-drive, explore, learn.

Sandbox with
Ask around with
Open

audit milestone Audit log starts logging from minute one. announces this install.

Week 1

Walk

Plan and review with fastpace.

ERDs via
PR review via
Capture with

audit milestone First ADR committed. First prompt-redaction event captured. ISO/IEC 42001 §7.5 evidence on file.

Week 2+

Run

Full lifecycle, audited.

Ship with
Plan via
Reports via

audit milestone First evidence snapshot exported via . NHI registry exported. NIST AI RMF MEASURE-3.1 satisfied.

Ship fast. Ship audit-ready.

Discoverable, scoped, attested. Mapped to NIST AI RMF, ISO/IEC 42001, and the EU AI Act.

Test-drive in a sandbox first — no commitment, nothing touched outside a throwaway directory. Works with Claude Code, Codex, Gemini CLI, or OpenCode. Your code never leaves your machine.

Test-drive in 5 min → For security teams → Star Browse the skills

The lethal trifecta — and the three primitives that break it.

Better domain context → better code

Track and improve repo quality

One surface for product, eng, and compliance

Five surfaces. Different audiences. One audit chain.

Closer to the code, whichever team you're on

Product, closer to the code

DevOps, closer to the code

Join our list of reference customers

No fake logos

No fabricated stats

No silent guardrail weakening

The numbers driving the 2026 conversation

PRD → ERD → execution plan, in your repo

PRDs the AI can verify against your code

Grounded designs

Plans that know your codebase

Backlog → Done

Pick up where you left off

No more Jira-to-slides

Status reports

Report criteria

Safe enablement, by primitive

Identity

Scope

Inventory

Observability

Not shadow AI. Announced AI.

One command. Every artifact the auditor reads.

What happens when something goes wrong.

Blast radius hits a cap.

Or: behavior diverges from baseline.

Coach agent points at the exception path.

Exception with risk-tier classification.

The metric your AI vendor doesn't print on a slide.

The slide procurement keeps asking for.

Policies, not pleases

Security & compliance, closer to the code

Mapped to what auditors are actually asking about

Two more things ship in the box

No vendor lock-in — context stays in git

Your team's brain, in git

What you can type, in one command

CLI commands that earn their keep

What's actually wired into your repo

Specialist agents

planner

reviewer

prd-guru

erd-guru

execution-planner

doc-writer

Hooks enforce guardrails

Policies, not pleases

Seven surfaces. Forty-eight specific capabilities. One install.

A single number for whether your team is getting AI-native right.

Layered, not replaced

100% local dashboard — click around or take the tour

In-flight features

Dashboard

AI-Native Maturity live

Config

Hooks

Phases & approval gates

Domain context

Repo quality

PRDs

ERDs

ADRs

Status reports

Execution plans

Integrations

Metrics

DORA & engineering

Recent learnings

Install health

Identity

Audit chain

Run manifests

`planner`

`reviewer`

`prd-guru`

`erd-guru`

`execution-planner`

`doc-writer`