This directory contains example persona definitions that demonstrate how to use skills from the PCL Standard Library to create governed AI agents with specific expertise.
File: fullstack-developer.pcl
Skills: 21 expert skills
- Frontend: TypeScript, JavaScript, React, Next.js, Vue
- Backend: Node.js, FastAPI, GraphQL, API Design, Microservices
- Database: PostgreSQL, MongoDB, Redis
- DevOps: Docker, Kubernetes, Git, AWS, CI/CD
- Testing: Playwright, Jest
Risk Level: Medium Governance: High Use Case: Building modern web applications with full-stack capabilities
File: data-platform-engineer.pcl
Skills: 25 expert skills
- Languages: Python, Scala, SQL
- Data Platforms: Snowflake, Databricks, PostgreSQL
- ETL/ELT: Airflow, dbt, Kafka
- Analytics: Tableau, Power BI, Looker
- Cloud: AWS, Azure
- Infrastructure: Terraform, Docker, Kubernetes
- AI/ML: Data Science, Machine Learning
- Architecture: Data Mesh
Risk Level: High (handles sensitive data) Governance: Critical Use Case: Building and maintaining modern data platforms with strict data governance
Special Features:
- PII tracking and masking
- Data lineage tracking
- GDPR compliance
- Data mesh principles
File: cloud-security-architect.pcl
Skills: 24 expert skills
- Security: Penetration Testing, Zero Trust, Cryptography, Incident Response, Cybersecurity
- Compliance: GDPR, SOC 2, Audit, Standards
- Cloud: AWS, Azure, GCP
- Infrastructure: Kubernetes, Terraform, Istio, Helm
- Monitoring: Prometheus, Grafana
- API Security: API Design, Microservices
- Programming: Python, Go
Risk Level: Critical (highest) Governance: Critical Use Case: Securing cloud infrastructure with zero trust architecture and compliance
Special Features:
- Dual authorization for critical operations
- Comprehensive audit logging
- Multiple compliance frameworks (ISO 27001, SOC 2, GDPR, NIST, PCI DSS, HIPAA)
- Incident response playbooks
- Zero trust principles
File: devops-sre-engineer.pcl
Skills: 18 expert skills
- Container Orchestration: Kubernetes, Docker, Helm, Istio
- Infrastructure as Code: Terraform, Ansible
- Cloud: AWS
- CI/CD: GitHub Actions, ArgoCD
- Monitoring: Prometheus, Grafana
- Languages: Python, Bash, Go
- Testing: Chaos Engineering, Load Testing
- Version Control: Git
Risk Level: Critical (infrastructure operations) Governance: Critical Use Case: Site reliability engineering with SLO tracking, incident response, and production operations
Special Features:
- SRE metrics and SLO management
- Incident response workflows
- Blameless post-mortem culture
- Error budget tracking
- Disaster recovery planning
- Runbook automation
- Capacity planning
File: enterprise-integration-specialist.pcl
Skills: 23 expert skills
- Enterprise Systems: SAP, Salesforce, ServiceNow, Microsoft 365, Dynamics 365
- Integration: REST API, GraphQL, gRPC, SOAP, API Design
- Messaging: Kafka, RabbitMQ
- Languages: Java, Python, JavaScript
- Data: PostgreSQL, MongoDB, ETL
- Cloud: AWS, Azure
- Security: OAuth, Cryptography
Risk Level: High (enterprise data handling) Governance: Critical Use Case: Integrating enterprise systems with API management, data flows, and compliance
Special Features:
- Multi-system integration patterns
- Event-driven architecture
- Batch and real-time data sync
- API versioning and contract testing
- Enterprise system best practices
- Data lineage tracking
- Distributed tracing
- Resilience patterns (circuit breaker, retry, DLQ)
# Using PCL CLI (future)
pcl persona load examples/personas/fullstack-developer.pcl
# Validate persona
pcl persona validate examples/personas/fullstack-developer.pclEach persona definition includes:
persona "Name" {
version = "1.0.0"
description = "..."
# Skills from stdlib
skills = [...]
# Governance rules
governance {
risk_classification = "low|medium|high|critical"
audit_required = true/false
requires_approval_for = [...]
}
# Tool permissions
constraints {
allowed_tools = [...]
prohibited_tools = [...]
}
# Compliance frameworks
compliance {
frameworks = [...]
data_classification = [...]
}
# Capabilities matrix
capabilities = {...}
# Working context
context {...}
}
- Public-facing content
- Documentation
- UI development
- No data access
- Application development
- Internal tools
- Limited data access
- Code deployments
- Data pipelines
- PII handling
- Database operations
- Infrastructure changes
- Security operations
- Compliance audits
- Production data access
- Encryption key management
All personas implement:
- ✅ Principle of Least Privilege - Minimal tool permissions
- ✅ Audit Logging - All actions logged
- ✅ Human Oversight - Critical operations require approval
- ✅ Separation of Duties - Role-based access control
- ✅ Compliance Alignment - ISO, GDPR, SOC 2, NIST frameworks
- Language Layer: TypeScript, JavaScript
- Framework Layer: React, Next.js, Node.js
- Data Layer: PostgreSQL, MongoDB, Redis
- Integration Layer: GraphQL, REST APIs
- Infrastructure Layer: Docker, Kubernetes, AWS
- Core Domain: Data Engineering
- Supporting Domains: Cloud, DevOps, ML
- Governance Domain: Data Mesh, Privacy
- Tool Domain: Airflow, dbt, Snowflake
- Security Core: Pentesting, Zero Trust, Cryptography
- Compliance Layer: GDPR, SOC 2, ISO 27001
- Platform Layer: Multi-cloud (AWS, Azure, GCP)
- Monitoring Layer: SIEM, IDS/IPS, Continuous Monitoring
Browse the skill catalog to find relevant skills:
import json
with open('stdlib/catalog/skill-catalog.json') as f:
catalog = json.load(f)
# Search by category
devops_skills = catalog['categories']['devops']
# Search by tag
security_skills = [s for s in catalog['skills'] if 'security' in s.get('tags', [])]Consider:
- Risk level of operations
- Data sensitivity
- Compliance requirements
- Approval workflows
- Audit requirements
Use allowlists (allowed_tools) and denylists (prohibited_tools):
constraints {
# Allow specific operations
allowed_tools = [
"Bash(npm:install:*, npm:test:*)", # Allow npm install and test
"Bash(kubectl:get:*, kubectl:describe:*)" # Read-only K8s
]
# Explicitly prohibit dangerous operations
prohibited_tools = [
"Bash(rm:-rf:*)",
"Bash(kubectl:delete:*)",
"Bash(DROP:*)"
]
}
Map to relevant frameworks:
compliance {
frameworks = ["ISO 27001", "GDPR", "SOC 2"]
data_classification = ["pii", "confidential"]
security_requirements = {
encryption_at_rest = true
access_logging = true
}
}
Note: These are example personas for reference. Customize them based on your specific governance requirements and use cases.