Welcome to CRAFT
Cardinality Rapid AI-First Toolchain — Contract to Customer Outcomes. Our AI-native delivery toolchain for Cardy product development and implementation, built on the Cardy AIDLC method. This portal is the orientation guide. Read what is relevant to your role — the Your Role tab personalizes the view — and the path forward will be clear.
A method, not a tool
Claude Enterprise is the tool. AIDLC is the method that turns Claude usage into consistent delivery quality: skills, context, HITL gates, evals. Same tool, multiplied by structure.
All 300+ of us
BAs, Architects, Developers, QA, DevOps, PMs, Configuration Specialists, Empower Product engineers, onsite and offshore. Different skill packs per persona, same methodology.
De-identified working artifacts
Engagements are real. The working artifacts in CRAFT are de-identified per policy. No real PHI, FTI, CJI, or client production data ever enters Claude.
How to use this portal
| Tab | For you if you… |
|---|---|
| Claude 101 | Want a quick refresher on what Claude, Claude Code, MCP, skills, context, plugins actually are and when to use each. |
| Methodology | Want to understand the 12 stages, 6 buckets, 3 tiers, and HITL gates. |
| Think | The architect's view: what is a skill vs context vs connector, the decision tree, and how to author skills well. Read before proposing your first skill. |
| Guardrails | Want the security, IP, data, and skill-governance rules of the road. Required reading before you start. |
| Your Role | Want the persona-specific view: your skill pack, your daily flow, when you get access. |
| Pilot | The real pilot engagement, end-to-end. Recommended for everyone. |
| Timeline | Placeholder dates. Want to know when your role gets access and what to do beforehand. |
| FAQ | Want the answer to the question you're afraid to ask in the all-hands. |
| Resources | Want the links — strategy doc, skill catalog, Slack channels, CoE contact. |
| Why | Visual gut-check on the case for CRAFT. Share-able battlefield analogy. |
Claude 101 — A Cheat Sheet
New to Claude? Start here. Already familiar? This is the shared vocabulary we'll use across the org.
The terms, in plain language
- Claude (the model)
-
The AI itself. We use Anthropic's
claude-sonnet-4-6andclaude-opus-4-6by default. Sonnet for everyday work; Opus for hard problems (design, code, code review). - Claude.ai
- The web/desktop chat interface. Where BAs, Architects, PMs do most of their AIDLC work. Has Projects, Skills, and Connectors built in.
- Claude Code
- A CLI / IDE-integrated version of Claude that lives in your terminal or VS Code. Sees the local repo. Runs commands. This is where developers spend most of their AIDLC time.
- Project
- A scoped workspace in Claude with its own knowledge files and instructions. We use Projects to implement our 3-tier context model: one Project per implementation (Tier 2), one shared Project for platform standards (Tier 1).
- Context
- The information loaded into a conversation: project knowledge (attached documents), system prompts, the messages so far. AIDLC's job is to make sure the right context is loaded for the right task — without you having to wrangle it manually.
- Skill
-
A reusable, versioned playbook for one job. Example:
prs-generatoris a skill that turns an RFP into a PRS. Skills are invoked like slash-commands in Claude. They live in a git repo and the CoE governs them. - Plugin pack
-
A bundle of skills shipped together. Cardy AIDLC has 6 plugin packs:
cardy-platform-base,cardy-pmo-pack,cardy-arch-pack,cardy-dev-pack,cardy-qa-pack,cardy-release-pack. - MCP (Model Context Protocol)
- The open protocol that lets Claude talk to external tools and data sources. Each connector (Jira, Bitbucket, Slack, Gmail, Google Drive) is an MCP server. When you wire Jira to Claude, you're using MCP.
- Connector
- An MCP-based bridge to a specific tool. In AIDLC we use 5 connectors: Google Drive, Jira, Bitbucket, Slack, Gmail. Scoped per project; SSO-authenticated; audit-logged.
- HITL gate
- Human-In-The-Loop gate. A required human approval between two AIDLC stages. Example: BA Lead approves the PRS before fit-gap begins. Encoded in Jira workflow, not goodwill.
- Eval
- A measurable quality check. Each AIDLC skill has a rubric and a golden set of 20–50 example inputs. Skills are scored before they can ship.
- Tier 1 / 2 / 3
- The knowledge architecture. Tier 1 = org-level (Empower platform, coding guidelines, HHS domain). Tier 2 = per implementation (RFP, contract, configuration). Tier 3 = your daily working memory.
When to use which surface
| I want to… | Use | Why |
|---|---|---|
| Read an RFP and draft a PRS | Claude.ai (Cowork mode for long-form) | Drive connector + project knowledge make this trivial. Long file generation. |
| Run a fit-gap on classified requirements | Claude.ai | Reasoning + structured output back into Drive. |
| Draft stories with AC in Jira | Claude.ai or directly in Jira (@claude) | Either works. In Jira is faster when you have one story. |
| Write code, run tests, open a PR | Claude Code | Lives in your editor. Sees the actual repo. Runs commands. |
| Review a PR against Empower standards | Claude.ai with GitHub/Bitbucket connector | Posts inline comments; humans approve. |
| Quick lookup, summarization, classification | Claude.ai (Haiku model) | Cheap, fast, deterministic enough. |
What a typical CRAFT interaction looks like
You open Claude.ai. You switch to the right Project (e.g., "San Diego Implementation"). The Project
loads the RFP, response, config decisions automatically as context. You invoke a skill — type
/prs-generator or @claude draft AC for this story. Claude pulls from Tier
1 (platform standards) + Tier 2 (this project) and produces the artifact. You review, edit, accept.
The system of record (Jira / Drive / Bitbucket) gets updated. Nothing new to learn beyond the
slash-commands.
The AIDLC Methodology
12 stages. 6 buckets. 3 tiers. A human approver at every gate. Synthetic data only. That's the whole methodology.
The 12 stages
Stages 1–3 are linear. After classification, work fans out into 6 parallel sub-pipelines — one per bucket. Stages 4–12 are bucket-aware.
The 6 buckets
Every requirement, after fit-gap, lives in exactly one bucket. Buckets matter because they have different estimation rhythms, approvers, and skill clusters.
| Bucket | What lives here | Owns it | Approves it |
|---|---|---|---|
| OOTB Configuration | Workflow, page builder, rules engine configuration on existing Empower | Configuration Specialist | Empower Config Lead |
| Platform / Product Feature | New capability we'd want in Empower itself | Platform / Product Engineer | Empower Product Architect |
| Client Extension | Client-specific customization that doesn't belong in the platform | Extension Developer | Implementation Tech Lead |
| Integration | External-system contracts: county, court, EHR, etc. | Integration Engineer | Integration Lead |
| Data Migration | Legacy → Empower data migration: mapping, transformation, validation, cutover | Data Engineer | Data Lead |
| Analytics & BA | Dashboards, BI layer, operational reporting, data marts | Report Developer | BA Lead |
The 3-tier knowledge model
| Tier | Scope | Owner | What's in it |
|---|---|---|---|
| Tier 1 | Org-level | Empower Product + CoE | Empower architecture, RBAC, workflow patterns, coding guidelines, HHS domain primer |
| Tier 2 | Per implementation | Implementation Squad + CoE | RFP/response, contract, config decisions, extensions, integration specs, migration maps |
| Tier 3 | Transaction | You | Current sprint, today's PR, your scratch notes |
HITL gates — non-negotiable
- BA Lead approves PRS before fit-gap begins.
- Solution Architect approves fit-gap classification.
- Implementation Architect approves HLD; Empower Product Architect also approves Platform / Product Feature items.
- BA Lead + PM approve stories before development.
- Tech Lead approves LLD (bucket-specific).
- QA Lead approves test cases before they enter the master suite.
- Two human reviewers required to merge a PR; Claude can be one, never both.
- DevOps Engineer + Implementation Manager approve release.
How to Think — A Senior Architect's View
The single most-confused boundary in any Claude rollout: what is a skill, what is context, what is a connector? Get it wrong and you ship 200 "skills" that are really FAQ entries. Get it right and the library compounds in quality every quarter. Read this before you propose your first skill.
1. The five primitives
| Primitive | What it is | Answers | Lives where |
|---|---|---|---|
| Model | The LLM (Opus, Sonnet, Haiku) | Who is doing the thinking? | Anthropic's API; selected per call |
| Context | Reference material the model reads to ground answers | What does the model need to know? | Project knowledge; attached files; connector-retrieved docs |
| Skill | A versioned procedure to do a specific job repeatedly | How does the model do this job? | Markdown playbook in cardy/aidlc-skills repo |
| Project | A scoped workspace: context + connectors + model + access | Where does the work happen? | Claude.ai Projects |
| Connector (MCP) | A live integration to an external system | What can the model touch? | MCP server (Jira, Drive, Bitbucket, Slack, Gmail) |
2. The 5-test — is X actually a skill?
A capability deserves to be a skill only if it passes all five. Fail any one and it's something else: context, FAQ, prompt template, or a connector call.
Worked example: is rfp-ingest a skill?
| Test | Verdict |
|---|---|
| Recurrence | Yes — every new engagement starts with one. |
| Procedure (not knowledge) | Yes — read RFP, extract outcomes/requirements/NFRs/deliverables, classify into preliminary buckets, cite page numbers, produce a .docx brief. |
| Specific output shape | Yes — downstream Stage 2 (PRS) and PMO depend on the brief's structure. |
| Eval-able quality bar | Yes — coverage of outcomes, accuracy of citations, classification confidence calibration. |
| Worth versioning | Yes — RFP styles vary by state/county; skill will sharpen with feedback. |
Counter-examples — what is NOT a skill
- "The Empower RBAC capability list" → that's context. Belongs in Tier 1 project knowledge.
- "How do I install Claude Code on my laptop?" → that's FAQ. Belongs in this portal.
- "Translate this paragraph into Spanish" → that's a one-off prompt. No recurrence, no structure.
- "Open this Jira ticket" → that's a connector call. The connector does it; no skill needed.
- "Summarize this Slack thread" → borderline. Ad hoc = one-off. "Weekly client status digest in this exact format" = skill.
3. Decision tree — when you're not sure
- Is X done repeatedly across engagements? No → it's a one-off, just prompt it. Yes → continue.
- Does X produce a defined artifact others depend on? No → private workflow, not a skill yet. Yes → continue.
- What grounding material does X need? Universal → Tier 1 context. Per-engagement → Tier 2 context. (Skills reference context, never embed it.)
- Can quality be scored? No → ship experimental, can't graduate to GA without evals. Yes → write the golden set and rubric alongside the skill.
- Should the prompt + output shape evolve? No → it's a template, drop an
.mdin a shared folder. Yes → make it a versioned skill, CoE-reviewed PRs.
4. Skill anatomy — the 8 sections of a well-formed skill
| Section | What goes here |
|---|---|
| 1. Frontmatter (YAML) | name, version, pack, stage, bucket, persona, triggers, HITL gate, inputs, outputs, context tiers, model routing |
| 2. Purpose | One paragraph: what this skill is FOR (not what it does step-by-step) |
| 3. Preamble | Prompt-injection defense boilerplate — required, do not remove |
| 4. Steps | The procedure, numbered, specific, with citation rules |
| 5. Output format | Exact shape: headings, fields, file extension, file naming convention |
| 6. Guardrails | Data scope, what NOT to do, when to flag for human |
| 7. Eval rubric summary | Scored dimensions + link to full rubric in evals/ |
| 8. Example invocations | 3 realistic prompts users would type |
5. Placement rules — what goes where
| Asset | Where | Why |
|---|---|---|
| Empower architecture overview | Tier 1 project knowledge | Stable, org-wide, many skills reference it |
| Coding guidelines (Angular / Nest / PL/SQL / Drools) | Tier 1 project knowledge | Same |
| RBAC model document | Tier 1 project knowledge | Same |
| HHS domain primer | Tier 1 project knowledge | Same |
| Estimation methodology document | Tier 1 project knowledge | Reference material |
| Estimation procedure (apply to backlog) | Skill | Done repeatedly with output shape |
| San Diego RFP / SOW / response | Tier 2 project knowledge | Engagement-specific reference |
| San Diego config decisions log | Tier 2 project knowledge | Engagement-specific reference |
| Per-story PRS / LLD outputs | Drive folders, linked from Jira | Working artifacts |
| Jira / Bitbucket / Drive read+write | Connector | External system access |
| "How do I install Claude Code?" | Portal FAQ / Resources | Not skill-shaped |
| "Draft AC for this story" | Skill (story-ac-gherkin) | Recurring, defined shape, eval-able |
| "Generate the Nest service for this story" | Skill (code-nest) | Recurring, defined shape, eval-able |
| "Review this PR against Empower standards" | Skill (review-empower-standards) | Recurring, defined shape, eval-able |
6. The output-quality stack
CRAFT output quality comes from four layers stacked correctly. When something feels off, diagnose from the bottom up — most failures are a Layer 2 or 3 problem, not a Layer 4 (model) problem.
Failure-mode → layer map
| Symptom | Most likely layer | Fix |
|---|---|---|
| "It made stuff up" | Layer 3 (Context) | Load the missing doc into Tier 1/2 or sharpen what's there |
| "It produced a vague generic answer" | Layer 2 (Skill) | Tighten output shape; add concrete examples in the skill |
| "It got the standard wrong" | Layer 3 (Context) | Tier 1 doc is stale; refresh and re-attach |
| "Too slow / expensive" | Layer 4 (Model) | Re-route to Sonnet or Haiku where quality allows |
| "It refused to do the job" | Layer 2 (Skill) | Guardrail too restrictive; soften with explicit allowed-cases |
| "It approved its own work" | Layer 2 (Skill) or Process | Add explicit HITL gate; enforce via Jira workflow / branch protection |
7. Authoring sequence — Wave A through D
The right order to author skills, optimized for shortest path to demonstrable value.
| Wave | Week | What ships |
|---|---|---|
| Wave A — Foundation | Week 1 | 6–10 Tier 1 context docs (NOT skills): Empower architecture, RBAC v4, coding guidelines, workflow/rules patterns, HHS domain primer, NFR baselines, estimation methodology, project template, AI usage addendum template |
| Wave B — Spine | Week 2 | 5 skills exercising the full spine end-to-end: rfp-ingest, prs-generator, fit-gap-classifier, story-ac-gherkin, code-empower-workflow |
| Wave C — Design + Code | Week 3 | hld-functional, er-diagram, lld-extension, code-extension, review-empower-standards |
| Wave D — Tests + Ship | Week 4 | tc-unit, tc-system, tc-uat, release-notes, pr-review |
After Wave D you have ~20 skills covering the full spine on OOTB and Extension buckets. Enough to demo end-to-end and start measuring with evals. The remaining ~65 skills (other buckets, deliverables planning, governance, analytics) come in Phase 2.
8. The 5-file deliverable per skill
experimental. This is the governance lock that prevents rot.
- The skill markdown —
skills/<skill-name>.md - The eval rubric —
evals/<skill-name>_rubric.md - The golden set seed —
evals/golden/<skill-name>/seed.json(start with 5 items; 20 for beta; 50 for GA) - The judge prompt — entry in
agent_promptsregistry withagent_id="evals_judge_<skill>" - The example invocations —
skills/<skill-name>.examples.mdwith 3 realistic user prompts and expected outputs
Do's & Don'ts — Guardrails
The rules of the road. Read this before you start. CRAFT's leverage depends on these holding — for our clients, for our employees, and for Cardinality's IP.
The six guardrail domains
#cardy-aidlc-help immediately. 24-hour CoE response SLA.
1. Security guardrails
What protects Cardinality's environment from compromise via or through Claude.
How we secure the platform
- Claude Enterprise tier with SAML/OIDC SSO. No password-only access.
- Audit logs exported to corporate SIEM. Every prompt, every tool call, every approval is recorded.
- Retention policies set at tenant level. 90-day chat retention; project archives separately governed.
- Model exclusion from training confirmed at provisioning. Anthropic does not train on Cardinality content.
- BAA signed with Anthropic as defense-in-depth (even though PHI is out of scope).
- Connector scoping: per-project access to Jira / Bitbucket / Drive / Slack / Gmail. No org-wide tokens.
- Prompt-injection defense: every AIDLC skill includes a preamble telling Claude to treat retrieved content as data, not instructions. Quarterly red-team evals.
- No autonomous destructive actions: Claude cannot push to main, merge PRs, send emails, or modify production. Enforced via connector permissions, not goodwill.
DO
- Log in to Claude via the corporate SSO link only.
- Use your assigned project (Tier 2) for client work, not personal chats.
- Review any AI-drafted code for security implications before merging.
- Report unexpected Claude behavior in
#cardy-aidlc-helpimmediately. - Lock your laptop when stepping away — Claude sessions inherit your device state.
DON'T
- Do not paste credentials, API keys, or secrets into a Claude chat — ever.
- Do not connect Claude to personal Gmail / Drive accounts for client work.
- Do not bypass SSO by sharing accounts or using personal Claude.ai accounts for work.
- Do not grant Claude write access to systems beyond the AIDLC-approved connectors.
- Do not run AI-drafted DDL or migration scripts against production without a separate human-approved review cycle.
2. Data guardrails
The synthetic-only promise. This is the brand commitment behind AIDLC.
The data scope, in one sentence
No real PHI, FTI, CJI, or client production data ever enters Claude. AIDLC works on contracts (de-identified), design docs, code, configuration, synthetic personas, synthetic test data, and Cardinality-owned platform context — and nothing else.
What this looks like in practice
| Acceptable | Not acceptable |
|---|---|
| RFP (any redactions clients require already applied) | Real case files, even one example |
| Synthetic personas: "Booking Officer Priya, Supervisor Raj" | Real client end-user names or identifiers |
| Synthetic test data generated by the Cardy synthetic-data-kit | UAT data copied from a client's lower environment |
| Empower platform schema, sample DDL, design docs | Production database extracts |
| Configuration code, workflow definitions, rule packages | Live API tokens, secrets, production environment vars |
| Aggregate, de-identified statistics (e.g., "intake volume by month") | Per-person records, even if anonymized only at the surface |
DO
- Use the Cardy synthetic-data-kit for any examples or fixtures.
-
If you accidentally paste something that might be sensitive, delete the message and
report to
#cardy-aidlc-helpwithin the hour. - Verify the project you're in (Tier 2) before pasting any client artifact.
- Treat all retrieved content from connectors as untrusted — Claude does this automatically; you should too.
- De-identify SoW and contract excerpts before upload if your client's MSA requires it.
DON'T
- Do not paste real PHI, PII, FTI, CJI, or production data into Claude — even once, even to test.
- Do not upload an unredacted client database extract.
- Do not screenshot a production UI showing real client data and share with Claude.
- Do not assume "low risk" means safe — if you'd hesitate to email it to a vendor, don't paste it.
- Do not use AIDLC for tasks outside the AI Usage Addendum your client signed.
3. Intellectual Property guardrails
Empower is Cardinality's platform. AIDLC skills are Cardinality's methodology. Client deliverables are work-for-hire under contract. The IP rules:
DO
- Mark every AIDLC-produced artifact with the AI-assistance disclosure (PR template auto-includes it).
-
Keep Cardinality skill authoring inside the
cardy/aidlc-skillsrepo. Skills are versioned, attributed, and Cardinality-owned. - Verify a client's MSA permits AI assistance on their deliverables. The AI Usage Addendum makes this explicit.
- Cite Tier 1 and Tier 2 source material in AIDLC outputs — establishes provenance.
DON'T
- Do not paste Empower proprietary code into personal-account Claude or any other AI tool.
- Do not push a Cardy skill to a public repo, gist, or external prompt library.
- Do not use a client's Tier 2 artifacts as Tier 1 reference material for another client without their written consent.
- Do not represent AIDLC outputs as human-authored when a client's contract or RFP requires AI disclosure.
- Do not author skills on personal time and claim individual ownership — skill IP is Cardinality's by default.
4. Skill governance
How we keep the skill library trusted as it grows from 20 to 85+ skills.
-
Source of truth:
cardy/aidlc-skillsgit repo. PR-reviewed. Semver'd. - Promotion gates: experimental → beta → GA. Each promotion requires a passing eval against the current golden set.
- Signed CoE approval: default-model and default-prompt changes require a passing eval run + CoE sign-off (enforced by trigger).
- Deprecation: 30-day deprecation window with named replacement; removal is logged.
- Champion fast-track: squad champions can ship squad-specific tweaks faster, but cross-cutting changes go through CoE.
- Audit: every skill invocation is logged with skill version, model, project, approver, eval-score-at-time-of-use.
DO
- Propose new skills via PR to
cardy/aidlc-skills. - Include golden-set examples and rubric updates with substantive skill changes.
- Cite Tier 1 standards by name in skill outputs — it's a rubric dimension.
-
Report a skill regression in
#cardy-aidlc-helpwith reproduction steps.
DON'T
- Do not edit your local copy of a skill and ship a one-off to a client — your edit is invisible to evals.
- Do not change the default model on a skill without a passing head-to-head eval.
- Do not use a deprecated skill past its sunset date — replacements are named in the deprecation notice.
- Do not bypass the two-human PR rule by claiming "Claude reviewed it."
5. People & HITL guardrails
AIDLC is human-supervised by design. The HITL gates are non-negotiable.
| Gate | Approver | Encoded in |
|---|---|---|
| PRS → Fit-Gap | BA Lead | Jira workflow transition |
| Fit-Gap → Story Decomposition | Solution Architect | Drive doc approval comment |
| HLD → LLD | Implementation Architect (+ Empower Product Architect for Platform / Product Feature) | Drive doc approval comment |
| Stories → Development | BA Lead + PM | Jira workflow transition |
| LLD → Code | Tech Lead (bucket-specific) | Drive doc approval comment |
| Test Cases → Master Suite | QA Lead | Xray/Zephyr promotion |
| Code → Merge | Two human reviewers, one senior; Claude may be one, never both | Bitbucket branch protection |
| Release | DevOps Engineer + Implementation Manager | Functional implementation project team's Slack channel + Jira release transition |
DO
- Be the human in the loop. Read every AI-drafted artifact before approving.
- Use the AI-assistance checklist in the PR template — it forces explicit disclosure.
- Edit AIDLC outputs visibly. The point isn't to accept whole; it's to make them right.
- Escalate to the CoE if a skill produces consistently wrong artifacts — that's a rubric signal.
DON'T
- Do not approve an artifact you haven't read.
- Do not bypass the second human reviewer on a PR.
- Do not auto-transition Jira tickets with AI based on AI output — humans transition.
- Do not let "Claude said so" justify a decision. Claude proposes; you decide.
6. Incident response
Things will go wrong. Here's the playbook.
Severity levels
| Severity | Example | Response SLA |
|---|---|---|
| SEV-1 | Real PHI/FTI/CJI suspected pasted into Claude | CoE acknowledges in 1 hour; Security loop in same day |
| SEV-2 | Prompt injection succeeded; client data leak suspected; IP exposure | CoE acknowledges in 4 hours |
| SEV-3 | Skill quality regression; eval drift >0.3; consistent false PR review positives | CoE acknowledges in 24 hours |
| SEV-4 | Workflow friction; usability complaint; minor skill bug | Champion or CoE in next business day |
What to do if you suspect a violation
- Don't try to clean it up alone. Reporting an honest mistake is welcomed; covering one up is not.
- Capture evidence. Screenshot the chat, note the project, note the skill if applicable.
-
Post to
#cardy-aidlc-helpwith the severity tag (SEV-1 etc.) and the evidence. CoE on-call is paged automatically for SEV-1/2. - Stop the relevant work until CoE clears it.
- Cooperate with the post-mortem. Every SEV-1/2 gets a written post-mortem; we focus on the system, not the person.
Quick reference card
| If you're about to… | First ask yourself |
|---|---|
| Paste a document into Claude | Is this real client data? If yes, stop. |
| Run code Claude wrote in production | Has a second human reviewed and tests passed? If no, stop. |
| Send a Claude-drafted email to a client | Have I read it end-to-end? Has my manager seen it if it's sensitive? If no, stop. |
| Author a new skill | Is this in the cardy/aidlc-skills repo? Does it have golden examples? If no, open a PR. |
| Use Claude on personal/side projects | Use a personal Claude account on personal time. Don't mix with the Cardinality SSO tenant. |
| Share a Claude transcript externally | Does it contain Tier 2 client material or Empower IP? If unsure, ask the CoE before sharing. |
Your Role — What Changes
Pick your role to personalize. We'll surface your skill pack, your daily flow, your access date, and where to go next. Your selection persists across visits and across tabs.
I am a…
All roles
The full reference. Your selected role above gets highlighted; the rest are visible for context.
cardy-pmo-pack + cardy-platform-base./prs-generator on a
new RFP section. Edit, accept. Run /epic-to-stories, then
/story-ac-gherkin. Paste into Jira (or do it directly in Jira via @claude).
Approve own AC; mark "Ready for Dev".
cardy-arch-pack + cardy-pmo-pack +
cardy-platform-base.
/fit-gap-classifier against the PRS. Then
/hld-functional + /er-diagram + /data-model. Save to
Drive, link to Jira. Approve own designs only after second-pair review.
cardy-dev-pack + cardy-platform-base. Skills are
bucket-aware — /code-empower-workflow for OOTB,
/code-extension for client extensions, etc.
/code-empower-workflow SD-7 (or whichever bucket skill matches). Review the
diff. Edit. Run /unit-tests. Run tests locally. Push branch, open PR — Claude
posts a review automatically. Second human reviewer approves. Merge.
cardy-qa-pack + cardy-platform-base./tc-system, /tc-sit,
/tc-uat, /tc-perf, /tc-security. Review, edit, import
to Xray/Zephyr. Approve. During execution, use /defect-triage and
/regression-pack-update.
cardy-release-pack + cardy-platform-base./runbook-drafter and /rollback-plan. At ship
time, /release-notes. Post-release, /hypercare-digest daily during
hypercare window.
cardy-pmo-pack + cardy-platform-base. Plus the
deliverables-planning skills: /ssp-plan, /infra-plan,
/ocm-plan, /training-plan, /transition-plan.
/estimation-methodology and per-bucket
/estimate-*. For each contract deliverable, run the matching planning skill to
produce a contributor brief + outline. Hand to contributors. Track via your normal PM
tooling.
cardy-pmo-pack earlier if you sit
alongside BAs.
cardy-dev-pack (OOTB skills subset) + cardy-platform-base.
/code-empower-config,
/code-empower-workflow, /code-empower-page,
/code-empower-rule. Apply in Empower workflow designer / page builder / rules
engine. PR-style review with Empower Config Lead.
cardy-dev-pack (migration skills) + cardy-platform-base. Plus
migration-specific test skills from cardy-qa-pack.
/lld-migration for the mapping design. Then
/code-migration-pipeline for the actual ETL. Then
/tc-migration-validation for row-count, integrity, business-rule validation
cases. All grounded against the legacy source schema doc and the Empower target ER from Tier
2.
cardy-dev-pack (analytics skills) + cardy-platform-base.
/lld-migration (analytics variant — same skill, different bucket
context) for the dashboard / data mart design. Then
/code-analytics-dashboard for the BI artifacts. Outputs grounded against
operational schema and reporting requirements from Tier 2.
cardy-platform-base — the Tier 1
standards.
Pilot: San Diego implementation
Our real pilot engagement — a San Diego county HHS implementation kicking off now. Follow this end-to-end and you'll see exactly what your role does at each stage. The engagement is real; the working artifacts in CRAFT (extracts, examples, fixtures) are de-identified per our data-scope policy.
Setup — the Tier 1 and Tier 2 documents
Tier 1 Org-level documents (set by Empower Product + CoE — once for the whole org)
Tier 2 San Diego documents (set by the implementation squad lead + PM at kickoff)
All 12 docs live in Google Drive folders that are wired to the Tier 1 and Tier 2 Claude Projects. Once they're in, every skill in the workflow grounds against them automatically.
.docx for PRS / HLD / LLD / release notes, .xlsx for fit-gap
matrices and estimation models, .pptx for client decks, .pdf for signed
deliverables, and code in the repo. Markdown drafts are an internal authoring step only — the
artifact you review and ship is in the business format.
Now the flow — stage by stage
Pre-Sales Ingest
BA · PM · Solution Architect
Squad lead drops the RFP, response, SOW into the Tier 2 Drive folder. BA opens Claude.ai →
"San Diego Implementation" project → runs /rfp-outcome-extraction to pull the
named outcomes the client contracted for, and /sow-deliverables-extractor to
extract the named contract deliverables (SSP, IP, OCM, etc.) — separated for the PMO.
/rfp-outcome-extraction
Detailed PRS
BA · Product Owner
BA invokes /prs-generator in Cowork mode. Claude reads the San Diego RFP,
response, and outcomes brief; produces a long-form PRS (100–200 pages) with flows, UML
sketches, and acceptance criteria. If the PRS is genuinely too big to be one document, BA
invokes /prs-splitter — splits into Core PRS, Integration PRS, Data Migration
PRS, Extensions PRS.
/prs-generator in Cowork; then /prs-section-deepener for any
thin sections.
Fit-Gap & Classification
Solution Architect
SA invokes /fit-gap-classifier. Claude reads the PRS and the Tier 1 Empower
platform docs; classifies every requirement into one of the 6 buckets. Output: a
classification matrix.
/fit-gap-classifier in Cowork.
| Requirement | Bucket | Rationale |
|---|---|---|
| Intake & eligibility workflow with referral capture | OOTB Configuration | Empower workflow designer + page builder, no new platform features needed. |
| San Diego's safety & risk assessment protocol | Client Extension | Client-specific rule package; doesn't belong in core platform. |
| Courts SFTP nightly feed (juvenile dependency dockets) | Integration | External system contract. |
| Migrate 50K legacy case records from CWS/CMS | Data Migration | One-time data migration with mapping, transformation, validation. |
| Caseload & outcomes dashboard for supervisors | Analytics & BA | Operational BI on top of the operational data. |
| "Multi-county placement coordination" capability | Platform / Product Feature | Generally useful capability — belongs in Empower core. |
High-Level Design
Solution Architect · Data Architect · Security Architect
SA invokes /hld-functional, /hld-architecture-diagram. Data
Architect invokes /er-diagram and /data-model. Security Architect
invokes /security-model. Each lands in Drive; each is approved before story
decomposition.
/hld-functional, /er-diagram, /security-model
Story Decomposition
BA · Product Owner
BA invokes /epic-to-stories on each epic, then
/story-ac-gherkin on each story. Outputs land directly in Jira via the
connector.
/epic-to-stories CARDY-EPIC-1, then per-story
/story-ac-gherkin
Estimation
Tech Lead · PM
Per bucket, tech leads invoke the matching estimation skill: /estimate-ootb,
/estimate-extension, /estimate-integration-migration. Each uses
the per-bucket story-point methodology from Tier 1.
/estimate-ootb etc.
Low-Level Design
Architect · Tech Lead (bucket-specific)
For each significant story, the bucket-matching LLD skill runs:
/lld-ootb-config for OOTB, /lld-extension for extensions,
/lld-integration for integrations, etc. Each LLD includes contracts, sequence
diagrams, and decision points.
Test Case Generation
QA · Developer (for unit)
QA runs /tc-system, /tc-sit, /tc-uat,
/tc-perf, /tc-security per story. Developer runs
/tc-unit alongside code generation in Stage 9.
/tc-system, etc.
Development — the developer's day
Developer (bucket-aware)This is the most-asked-about step, so let's walk a real one. Story SD-7: "Implement San Diego's safety & risk assessment protocol as a client extension." Bucket: Client Extension. Developer Anil opens VS Code, opens Claude Code in the project, types:
$ claude > /code-extension SD-7
Claude reads the story from Jira, the LLD from Drive, the Empower rules-extension patterns
from Tier 1. Generates: a Drools rule package for the safety/risk protocol, a Nest service
to invoke it, an Angular component to display the assessment, and an RBAC binding so only
Supervisors can override. Then runs /unit-tests automatically alongside. Anil
reviews the diff inline, fixes one edge case, pushes:
$ git push origin feature/SD-7-safety-risk-assessment
Opens a PR. Claude posts a review against Empower standards (Stage 10).
/code-extension SD-7, then /unit-tests.
Code Review
Senior Developer (human) + Claude (one of two reviewers)Claude posts inline comments against Empower standards (RBAC, audit events, NFR baselines). Senior Dev reviews; can dismiss Claude comments. Second human reviewer approves. Merge.
Test Execution
QA
QA runs test suites. For failing cases, invokes /defect-triage — Claude
classifies and proposes likely root cause, links to relevant code. QA confirms, files
defect.
/defect-triage.
Ship & Hypercare
DevOps Engineer · Delivery Manager
DevOps Engineer invokes /release-notes, /runbook-drafter,
/rollback-plan. Posts in the implementation team's own release Slack channel for approval (e.g. #sd-implementation-releases). After
ship, /hypercare-digest runs daily for 2 weeks.
/release-notes SD-7, then /runbook-drafter,
/rollback-plan.
The parallel Deliverables Track
Running alongside Stages 1–12 is the Contract Deliverables Track. PMO invokes planning skills for each contract deliverable. AIDLC does NOT generate the SSP itself; it generates a planning artifact that names contributors, sections, data sources, prior reference materials, and a draft outline. Humans author the final docs.
| Deliverable | Skill | When | Contributors |
|---|---|---|---|
| System Security Plan (SSP) | /ssp-plan |
Week 2 of implementation | Security + DevOps + Compliance |
| Infrastructure Plan (IP) | /infra-plan |
Week 2 | DevOps + Solution Architect |
| OCM Plan | /ocm-plan |
Week 3 | OCM Lead + PM |
| Training Plan | /training-plan |
Week 4 | Training Lead + PM |
| Transition Plan | /transition-plan |
Before go-live | PM + Hypercare Lead |
Timeline — PLACEHOLDER
All dates and day-counts below are PLACEHOLDER. Final dates will be confirmed and replaced once kickoff is signed off.
[KICKOFF], [+10d],
[+25d], [+35d], [+50d], [+60d],
[+120d] with real calendar dates before circulating.
What you should do before your access date
- BAs & Architects: Read the Methodology and Pilot tabs by Day 20. Block 30% of your calendar for the week of Day 25–32.
- Developers / Config Specialists / Empower Platform Engineers: Install Claude Code by Day 30. Read the Pilot tab Stage 9 section. Block 30% of your calendar for the week of Day 35–42.
- QA / DevOps / PM: Read the Pilot tab end-to-end by Day 45. Identify one story per current sprint to run through CRAFT in the week of Day 50–55.
FAQ
The questions people are actually asking. If yours isn't here, post in
#cardy-aidlc-help.
Is real client data going into Claude?
No. AIDLC works on contracts (de-identified), design docs, code, configuration, synthetic personas, and synthetic test data only. No PHI, no CJI, no FTI, no real client production data — ever. This is a contractual posture, enforced in every project addendum and every skill preamble.
Will this change my job?
The shape of your day shifts. Less blank-page drafting, more reviewing AI-drafted artifacts and making them right. The system of record (Jira, Bitbucket, Drive) doesn't change. Your approver role doesn't change. What changes is the speed from "we have a story" to "we have a tested PR" — that's the whole point.
Will AI replace any of us?
Not in this plan. Cardinality's growth plan is to win more state implementations and ship them faster — that requires more senior people, not fewer. AIDLC is leverage for the people we already have. The CoE is +5 hires; no role is being eliminated.
What if Claude writes bad code?
Two human reviewers required on every PR, one of them senior. Claude can be one of the two, never both. Plus the Code Review skill flags low-confidence sections and Empower-standards violations before a human reviewer opens the PR. Plus tests must be green. Plus the eval framework catches systematic quality regressions before they reach prod.
Will offshore and onsite teams be on the same skills?
Yes. The skill library is shared. Bucket ownership reflects natural team focus — Platform / Product Feature work typically sits with the Empower product team, Client Extension and Integration buckets typically sit with implementation teams — but every skill is available to anyone with the role.
How do we know the skills are working?
Every AIDLC skill has an evaluation rubric and a golden set (20–50 examples). Quality is scored weekly, drift is monitored, and skills can only graduate to GA after hitting thresholds. The dashboard is in the CoE Settings and reviewed monthly with leadership.
What about the contract deliverables — SSP, IP, OCM?
For this rollout, AIDLC produces a planning artifact for each: contributors, sections, source data, prior reference materials (de-identified), and a draft outline. Humans author the final document. AIDLC removes the blank-page tax; humans keep ownership of regulatory artifacts.
What if a client objects to AI being involved?
Show them the AI Usage Addendum (de-identified working artifacts; no real PHI/FTI/CJI/production data) and the HITL gate matrix. If they want eval evidence, the CoE can share scores. To date, every state client briefed on CRAFT has been supportive once they see the controls.
I have an idea for a new skill — what do I do?
Open a PR against cardy/aidlc-skills. Squad champions can fast-track squad-specific
skills. Cross-cutting skills go through CoE review. Every skill is versioned; nothing is final.
What if a skill produces a wrong artifact?
Reject it. Edit it. The HITL gates exist exactly for this. Then flag it in
#cardy-aidlc-help with the skill name and what went wrong. The CoE uses these
reports to tighten rubrics and grow golden sets.
What's the cost? Who pays?
Claude Enterprise license is centrally funded by Innovations & AI. No per-seat charge to delivery budgets. Per-skill usage is tracked and visible to the CoE; expensive Opus-heavy skills are monitored and may be model-routed to Sonnet if a cost/quality crossover allows.
Who do I ask?
Slack #cardy-aidlc-help is the front door for help and guidance — open to everyone. CoE on-call rotation publishes there. #cardy-aidlc-announce is read-only for broadcasts. #cardy-aidlc-coe is CoE folks only. Release approvals and project-stage approvals happen inside each implementation team's own channels and Jira workflow, not in the CRAFT channels.
Resources
Links, channels, and the CoE.
# in each href="#" below with
the real Google Drive link before circulating. The top "Drive home" link drops people into the AIDLC
folder; the rest are direct deep-links to each document.
Documents (Google Drive)
- Strategy doc. Full Cardy AIDLC strategy and rollout plan. Open ›
- Skill catalog. The 85-skill catalog by bucket × stage × persona. Open ›
- Evals plan. How quality is measured — rubrics, golden sets, promotion gates. Open ›
- Procurement & Day-0 checklist. Pre-flight punch list for the Foundations phase. Open ›
- Pilot pack (San Diego). De-identified RFP excerpts, Tier 1 stub, sample skill markdowns. Open ›
-
This portal. Linked from the top of
#cardy-aidlc-announce. Open ›
Slack channels — keep it simple
Three channels. That's it. Everything else (skill PRs, eval digest, pilot updates) is threaded inside these.
-
#cardy-aidlc-announce— Announcements only. Read-only broadcast: leadership readouts, phase launches, GA promotions, eval digest summaries. -
#cardy-aidlc-coe— CoE folks only. Methodology, governance, eval rubrics, skill PR triage, model-routing decisions. -
#cardy-aidlc-help— Open to everyone, for any help and guidance. Questions, skill usage, skill proposals, drift reports, pilot chatter, office-hour overflow. CoE on-call rotation publishes here. Not the approval channel — release and stage approvals happen in each implementation project team's own channels and Jira workflow.
Claude resources
- docs.claude.com — Official Anthropic documentation for Claude, Claude Code, and Claude API.
- Prompt engineering guide — for when you want to author or refine a skill.
- support.claude.com — for account, billing, technical issues.
The CoE — Office of Innovations & AI (placeholder)
- Head of AI: ·
cy-platform@cardyai.com - AI Architect
- Prompt Engineer
- Evals Lead
- Enablement Lead
-
Champions: One per implementation squad — names in
#cardy-aidlc-coe.
Office hours (placeholder)
- BA / Architect
- Developer / Config Specialist
- QA / DevOps / PM
- Empower Product / Platform-Product Feature
What to do right now
-
Join
#cardy-aidlc-announce. You'll get every phase launch and milestone here. - Read the Pilot tab. It's the single highest-leverage 10 minutes you'll spend on CRAFT.
- Mark your access date. Block 30% of your calendar for the week your role's pack ships (Timeline tab).
-
Ask one question. In
#cardy-aidlc-help. We want every question now, not on your access date.
Why CRAFT
Sometimes a picture says it faster than the strategy doc. Share these in Slack, drop them in a deck, pin them above your monitor.
AI-Native SDLC vs Traditional SDLC
AI does the heavy lifting. Humans provide the judgment.
Print it. Pin it. Paste it in a deck. Share it in Slack. If anyone asks why we're investing in CRAFT, this picture is the 5-second answer.
#cardy-aidlc-help and we'll add it here.