For spec-driven shops
Specs declare intent. Policy decides outcome.
The policy substrate spec-driven development left missing.
Spec-driven development tools (GitHub Spec Kit, AWS Kiro, Claude Code plan mode, Cursor commands) gave teams a way to declare what their software should be. None of them answer what it’s not allowed to do. TruStacks is the policy-as-code layer for the spec-driven stack.
Where SDD stops
Intent and constraint are different layers.
Specs · Intent
What should the system be?
Markdown specs, structured intent, AI-readable templates. SDD tools converted product requirements into agent-consumable artifacts. Spec Kit alone hit ~97K GitHub stars in less than a year.
Policy · Constraint
What is the system not allowed to do?
Signed, layered, version-controlled Rego rules. The answer your security and compliance teams already trust. The layer SDD tools didn't ship.
The fit
TruStacks layers under your SDD tooling.
Spec your application with your SDD tool of choice. Spec your platform target and governance with TruStacks. Both get evaluated under the constitution before anything merges.
Your SDD tool produces an artifact: a spec, a plan, a draft implementation. TruStacks reads the resulting pull request, evaluates it against your constitution, your Specialist Packs, and your customer overlay, and proposes changes that bring the artifact into compliance. The customer overlay is where your policy authors encode what your specific organization considers allowed. The crew respects all of it.
The boundary
We’re not replacing your SDD tooling.
We don't read Spec Kit specs.
Your SDD tooling owns spec authoring and intent capture. TruStacks evaluates the resulting pull request, not the spec file format.
We don't ship Markdown-spec authoring.
That's a job SDD tools already do well. We complement them at the policy and platform-target layer, not at the spec layer.
We're not an SDD product.
We're the policy-as-code layer SDD tools left missing. Different category, complementary surface.
Existing customers don't switch.
Teams already running Spec Kit, Kiro, Claude Code plan mode, or Cursor commands keep them. TruStacks plugs in at the pull-request layer where policy belongs.
Add policy to your SDD stack.
Bring your SDD tooling. Bring your Rego policies. We’ll walk you through a crew run that evaluates your spec output against your constitution end to end.