Skip to content

Latest commit

 

History

History
 
 

README.md

PCL Example Personas

This directory contains example persona definitions that demonstrate how to use skills from the PCL Standard Library to create governed AI agents with specific expertise.

📚 Available Personas

1. Full-Stack Web Developer

File: fullstack-developer.pcl

Skills: 21 expert skills

  • Frontend: TypeScript, JavaScript, React, Next.js, Vue
  • Backend: Node.js, FastAPI, GraphQL, API Design, Microservices
  • Database: PostgreSQL, MongoDB, Redis
  • DevOps: Docker, Kubernetes, Git, AWS, CI/CD
  • Testing: Playwright, Jest

Risk Level: Medium Governance: High Use Case: Building modern web applications with full-stack capabilities


2. Data Platform Engineer

File: data-platform-engineer.pcl

Skills: 25 expert skills

  • Languages: Python, Scala, SQL
  • Data Platforms: Snowflake, Databricks, PostgreSQL
  • ETL/ELT: Airflow, dbt, Kafka
  • Analytics: Tableau, Power BI, Looker
  • Cloud: AWS, Azure
  • Infrastructure: Terraform, Docker, Kubernetes
  • AI/ML: Data Science, Machine Learning
  • Architecture: Data Mesh

Risk Level: High (handles sensitive data) Governance: Critical Use Case: Building and maintaining modern data platforms with strict data governance

Special Features:

  • PII tracking and masking
  • Data lineage tracking
  • GDPR compliance
  • Data mesh principles

3. Cloud Security Architect

File: cloud-security-architect.pcl

Skills: 24 expert skills

  • Security: Penetration Testing, Zero Trust, Cryptography, Incident Response, Cybersecurity
  • Compliance: GDPR, SOC 2, Audit, Standards
  • Cloud: AWS, Azure, GCP
  • Infrastructure: Kubernetes, Terraform, Istio, Helm
  • Monitoring: Prometheus, Grafana
  • API Security: API Design, Microservices
  • Programming: Python, Go

Risk Level: Critical (highest) Governance: Critical Use Case: Securing cloud infrastructure with zero trust architecture and compliance

Special Features:

  • Dual authorization for critical operations
  • Comprehensive audit logging
  • Multiple compliance frameworks (ISO 27001, SOC 2, GDPR, NIST, PCI DSS, HIPAA)
  • Incident response playbooks
  • Zero trust principles

4. DevOps/SRE Engineer

File: devops-sre-engineer.pcl

Skills: 18 expert skills

  • Container Orchestration: Kubernetes, Docker, Helm, Istio
  • Infrastructure as Code: Terraform, Ansible
  • Cloud: AWS
  • CI/CD: GitHub Actions, ArgoCD
  • Monitoring: Prometheus, Grafana
  • Languages: Python, Bash, Go
  • Testing: Chaos Engineering, Load Testing
  • Version Control: Git

Risk Level: Critical (infrastructure operations) Governance: Critical Use Case: Site reliability engineering with SLO tracking, incident response, and production operations

Special Features:

  • SRE metrics and SLO management
  • Incident response workflows
  • Blameless post-mortem culture
  • Error budget tracking
  • Disaster recovery planning
  • Runbook automation
  • Capacity planning

5. Enterprise Integration Specialist

File: enterprise-integration-specialist.pcl

Skills: 23 expert skills

  • Enterprise Systems: SAP, Salesforce, ServiceNow, Microsoft 365, Dynamics 365
  • Integration: REST API, GraphQL, gRPC, SOAP, API Design
  • Messaging: Kafka, RabbitMQ
  • Languages: Java, Python, JavaScript
  • Data: PostgreSQL, MongoDB, ETL
  • Cloud: AWS, Azure
  • Security: OAuth, Cryptography

Risk Level: High (enterprise data handling) Governance: Critical Use Case: Integrating enterprise systems with API management, data flows, and compliance

Special Features:

  • Multi-system integration patterns
  • Event-driven architecture
  • Batch and real-time data sync
  • API versioning and contract testing
  • Enterprise system best practices
  • Data lineage tracking
  • Distributed tracing
  • Resilience patterns (circuit breaker, retry, DLQ)

🎯 Using These Personas

Loading a Persona

# Using PCL CLI (future)
pcl persona load examples/personas/fullstack-developer.pcl

# Validate persona
pcl persona validate examples/personas/fullstack-developer.pcl

Persona Structure

Each persona definition includes:

persona "Name" {
  version = "1.0.0"
  description = "..."

  # Skills from stdlib
  skills = [...]

  # Governance rules
  governance {
    risk_classification = "low|medium|high|critical"
    audit_required = true/false
    requires_approval_for = [...]
  }

  # Tool permissions
  constraints {
    allowed_tools = [...]
    prohibited_tools = [...]
  }

  # Compliance frameworks
  compliance {
    frameworks = [...]
    data_classification = [...]
  }

  # Capabilities matrix
  capabilities = {...}

  # Working context
  context {...}
}

🔒 Governance Levels

Low Risk

  • Public-facing content
  • Documentation
  • UI development
  • No data access

Medium Risk

  • Application development
  • Internal tools
  • Limited data access
  • Code deployments

High Risk

  • Data pipelines
  • PII handling
  • Database operations
  • Infrastructure changes

Critical Risk

  • Security operations
  • Compliance audits
  • Production data access
  • Encryption key management

🛡️ Security Features

All personas implement:

  • Principle of Least Privilege - Minimal tool permissions
  • Audit Logging - All actions logged
  • Human Oversight - Critical operations require approval
  • Separation of Duties - Role-based access control
  • Compliance Alignment - ISO, GDPR, SOC 2, NIST frameworks

📊 Skill Composition Patterns

Layered Approach (Full-Stack Developer)

  1. Language Layer: TypeScript, JavaScript
  2. Framework Layer: React, Next.js, Node.js
  3. Data Layer: PostgreSQL, MongoDB, Redis
  4. Integration Layer: GraphQL, REST APIs
  5. Infrastructure Layer: Docker, Kubernetes, AWS

Domain-Oriented (Data Platform Engineer)

  1. Core Domain: Data Engineering
  2. Supporting Domains: Cloud, DevOps, ML
  3. Governance Domain: Data Mesh, Privacy
  4. Tool Domain: Airflow, dbt, Snowflake

Security-First (Cloud Security Architect)

  1. Security Core: Pentesting, Zero Trust, Cryptography
  2. Compliance Layer: GDPR, SOC 2, ISO 27001
  3. Platform Layer: Multi-cloud (AWS, Azure, GCP)
  4. Monitoring Layer: SIEM, IDS/IPS, Continuous Monitoring

🚀 Creating Custom Personas

Step 1: Identify Required Skills

Browse the skill catalog to find relevant skills:

import json

with open('stdlib/catalog/skill-catalog.json') as f:
    catalog = json.load(f)

# Search by category
devops_skills = catalog['categories']['devops']

# Search by tag
security_skills = [s for s in catalog['skills'] if 'security' in s.get('tags', [])]

Step 2: Define Governance Requirements

Consider:

  • Risk level of operations
  • Data sensitivity
  • Compliance requirements
  • Approval workflows
  • Audit requirements

Step 3: Configure Tool Permissions

Use allowlists (allowed_tools) and denylists (prohibited_tools):

constraints {
  # Allow specific operations
  allowed_tools = [
    "Bash(npm:install:*, npm:test:*)",  # Allow npm install and test
    "Bash(kubectl:get:*, kubectl:describe:*)"  # Read-only K8s
  ]

  # Explicitly prohibit dangerous operations
  prohibited_tools = [
    "Bash(rm:-rf:*)",
    "Bash(kubectl:delete:*)",
    "Bash(DROP:*)"
  ]
}

Step 4: Align with Compliance

Map to relevant frameworks:

compliance {
  frameworks = ["ISO 27001", "GDPR", "SOC 2"]
  data_classification = ["pii", "confidential"]

  security_requirements = {
    encryption_at_rest = true
    access_logging = true
  }
}

📖 Further Reading


Note: These are example personas for reference. Customize them based on your specific governance requirements and use cases.