// Architecture Decision Record (ADR) management skill. Creates, maintains, and enforces architectural decisions with anti-rationalization guards and named verification gates. Drop into any project to give an AI coding agent a shared, enforceable ADR workflow.
ADR-set health sweep for adr-kit. Runs the due health tier(s) — cheap (drift + stale + lint) and/or LLM (suggest + audit) — applies mix-by-finding-type responses, and stamps the state file when done. Invoke after seeing an [adr-guardian] ... DUE block at session start, or on demand to run a full health sweep. Accepts optional arg: cheap | llm | all. LLM tier always asks before spending.
One-shot project bootstrap for adr-kit. Hooks the kit into CLAUDE.md (via a slim stub + a copy of templates/adr-kit-guide.md → .claude/adr-kit-guide.md), runs bin/adr-audit to enumerate decision-shaped artefacts in source + documentation, walks the user through batch approval to generate Accepted ADRs via the adr-generator subagent, installs the pre-commit hook, and finally lints. Idempotent across re-runs. User-invocable only — this is a side-effecting operation.
Install or uninstall the adr-kit pre-commit hook in the current project. Copies templates/githooks/pre-commit into .githooks/pre-commit, makes it executable, and runs `git config core.hooksPath .githooks`. Idempotent. Used internally by /adr-kit:init and /adr-kit:upgrade; also exposed standalone for users who want to add or remove the hook independently.
Interactive judge of a staged git diff against the project's Accepted ADRs. Runs bin/adr-judge with the LLM pass (Claude Sonnet by default, since v0.13.0) — same engine the pre-commit hook uses, so verdicts are consistent. On violation, walks the user through three resolution paths (write a new ADR, supersede an existing ADR, fix the code). Pairs with the pre-commit hook — invoke before committing on important changes, or after the hook blocks you to drive the resolution.
Lints existing Architecture Decision Records against four verification gates plus the deterministic status-history audit. Run on a single ADR file or on the whole docs/adr/ tree. Reports pass/fail per gate per file with file:line citations for failures. Read-only.
Audits Accepted Architecture Decision Records for possible retirement using deterministic staleness, technology-removal, supersession, and enforcement-policy signals. Produces ranked candidates for human review; never edits ADRs.
| name | adr |
| description | Architecture Decision Record (ADR) management skill. Creates, maintains, and enforces architectural decisions with anti-rationalization guards and named verification gates. Drop into any project to give an AI coding agent a shared, enforceable ADR workflow. |
| argument-hint | [short title of the decision] |
| license | MIT |
This skill enables systematic creation, maintenance, and enforcement of Architecture Decision Records. ADRs document significant architectural choices along with their context, alternatives considered, and consequences. They serve as living documentation so current and future developers (and AI agents) understand why the system is built the way it is.
The skill bundles three patterns that distinguish it from a basic ADR template:
Proposed to Accepted. Reviewers can block on a single named gate.Decision Maker: attribution so user-driven choices are visible in the record, distinct from agent-generated ADRs.Use this skill automatically when:
Use this skill when the user mentions:
Create a new ADR when making a decision that:
ADRs fail not from lack of templates but from the agent (or human) talking themselves out of writing one. Below is a table of common excuses with their counter-arguments. When you hear yourself reaching for one of the left-column entries, stop and apply the right-column response.
| Excuse | Counter-argument |
|---|---|
| "This decision is obvious" | Obvious to you, today, with the context fresh in your head. Not obvious to a maintainer in six months, an open-source contributor, or an AI agent reviewing the PR. Document the why. |
| "I'll document it later" | You will not. The pattern goes in once and only comes out if a future bug forces it out. Cost of writing now: 15 to 30 minutes. Cost of re-deriving later: hours, sometimes a full incident. |
| "The code speaks for itself" | Code shows what and how. ADRs document why. The why is never derivable from source: it lives in the constraints, the alternatives that were rejected, and the trade-offs accepted. |
| "Everyone knows this pattern" | Everyone on the team today. Not the maintainer in three years. Not the contributor who shows up next week. Not the model running a future code review. |
| "This is just the framework default" | Then say so explicitly. "Status: Accepted. We took the framework default for X because Y." Defaults embed assumptions; an ADR makes those assumptions inspectable. |
| "It is too small to need an ADR" | Small architecturally? Then no ADR. Small implementation of a contract change? Still an ADR, because the contract is what future developers will trip over. |
| "We can always change it later" | Every architectural choice constrains the next one. Document the chosen path now so a future change is a deliberate supersede, not an accidental drift. |
| "I don't have time" | Pay 30 minutes now or pay hours when someone challenges the choice in code review six months from now and nobody can remember the rationale. |
| "There are no real alternatives" | Almost never true. If you cannot name one, the alternative is "do nothing" or "the framework default": that is an alternative. Document it and the reason it lost. |
This pattern was originally introduced by addyosmani/agent-skills and was first combined with verification gates in a single ADR skill by Jim van den Breemen's adr-skill; adr-kit adapts that pairing.
When introducing this skill to an existing codebase, perform a comprehensive architectural analysis to identify and document existing but undocumented decisions.
Step 1: identify architectural patterns. Areas to analyse:
Step 2: ask critical questions. For each pattern discovered:
Step 3: generate ADRs systematically. For each undocumented decision:
Status: Accepted (since already implemented).Step 4: prioritize. Start with foundational decisions that:
"Analyze this codebase to identify undocumented architectural decisions"
"Generate ADRs for existing architectural patterns in this codebase"
"What architectural decisions should be documented in this project?"
GOOD AVOID
Write for future developers Use jargon without explanation
Include code examples Assume reader knows the context
Reference related ADRs Skip alternatives ("only way")
Use clear, simple language Make assumptions unstated
Document driving constraints Forget to update status when superseding
Explain consequences both ways Be vague ("better", "improves performance")
Link to implementation Skip negative consequences
Be critical, document risks Write marketing copy
Provide specific evidence Use jargon without defining it
An ADR moves from Status: Proposed to Status: Accepted only after all four gates pass. The gates are intentionally named so a reviewer can cite a single gate when blocking acceptance: "This ADR fails the Evidence gate, please add measurements."
The ADR has filled every load-bearing section.
Every claim that a reader could challenge is backed by something verifiable.
file:line so the reviewer can verifyA reader who has never seen this codebase can follow the argument.
The ADR fits the existing record without creating contradictions.
Accepted ADR; if there is, this ADR is a supersede with explicit referenceThis pattern was originally introduced by trailofbits/skills and was first combined with anti-rationalization guards in a single ADR skill by Jim van den Breemen's adr-skill; adr-kit adapts that pairing.
Default template. Override with project specifics in your project's local copy of this file.
# ADR-XXX Title in title case
## Status
Accepted. Date: YYYY-MM-DD.
(Or: Proposed; Deprecated; Superseded by ADR-YYY; Amended by ADR-YYY.)
## Status History
status_history:
- date: YYYY-MM-DD
status: Accepted
changed_by: Agent or User
reason: Initial decision record
changed_via: adr-kit
## Context
One paragraph stating the problem clearly enough for a reader who has never seen this codebase. Include the constraints that drove the decision and the existing state that triggered the choice.
## Decision
A single declarative sentence stating what was chosen. Optionally followed by 2 to 4 short paragraphs unpacking the choice.
## Alternatives Considered
### Alternative A: name
Description and rejection reasoning.
### Alternative B: name
(repeat structure)
### Alternative C: do nothing
If "do nothing" was rejected, document why. If it was the right choice, this ADR is probably not needed.
## Consequences
**Benefits**
- Specific positive outcomes, with measurements when achievable.
**Trade-offs**
- The cost we accepted by making this choice.
**Risks and mitigations**
- *Risk*: what could go wrong. *Mitigation*: how we address it.
## Related Decisions
- **ADR-YYY (Title)**: how it relates (supersedes, amends, depends on, complements).
## References
- Implementation tasks or issue IDs.
- Source files affected (file:line).
- External specs, RFCs, vendor docs, or measurements.
A clean copy is available at examples/ADR-template.md.
Format: ADR-XXX-short-descriptive-title.md
Where:
- XXX = zero-padded sequential number (001, 002, ..., 099, 100, etc.)
- short-descriptive-title = kebab-case description
Examples:
- ADR-001-postgresql-for-sensor-data.md
- ADR-014-rest-api-versioning.md
- ADR-042-grpc-internal-rpc.md
- ADR-099-deprecated-static-bundling.md
Wrong:
- ADR-1-postgresql.md (not zero-padded)
- adr-001-PostgreSQL.md (lowercase prefix, mixed case)
- ADR-001_PostgreSQL.md (underscore instead of hyphen)
docs/adr/ for the highest number and increment.If your project uses a different convention (e.g. adr-NNNN- lowercase 4-digit, or 0001-... without prefix), override this section in your local copy of the skill and the agent. Mixing conventions in the same docs/adr/ directory is the worst outcome.
Group ADRs by architectural domain for navigation. The category list is project-specific; below is a neutral starting set you can replace:
In your docs/adr/README.md, replace these with categories that match your domain.
docs/adr/README.md index).Accepted ADR.Status: Proposed.ls docs/adr/ADR-*.md and increment).// See ADR-XXX for why we use this pattern.Proposed -> Accepted.Accepted. Date: YYYY-MM-DD.Accepted transition to ## Status History; never rewrite an earlier entry.## Related Decisions entry to any other ADR that newly relates.docs/adr/README.md with the new ADR in the right category.## Related Decisions: "Supersedes ADR-XXX (Title)".Superseded by ADR-YYY and append that transition to ## Status History.docs/adr/README.md to mark both ADRs.## Related Decisions: "Amends ADR-XXX (Title)".Amended by ADR-YYY (or leave as Accepted if the amend is content-additive).NEGATIVE
"This change violates ADR-NNN (Title).
Please refactor or write a superseding ADR."
POSITIVE
"This change aligns with ADR-NNN (Title). Good use of the documented pattern."
QUESTION
"This introduces a new architectural pattern.
Please create an ADR documenting the decision before merging."
STATUS NUDGE
"ADR-NNN is referenced but its Status is still 'Proposed'.
Please flip it to 'Accepted' since this PR implements it."
## ADR Compliance Checklist
- [ ] Changes reviewed against existing ADRs
- [ ] No violations of architectural decisions (or a superseding ADR is included)
- [ ] New ADR created if needed (Status: Proposed)
- [ ] ADR Status updated if this PR implements an existing ADR
- [ ] Code comments reference relevant ADRs at non-obvious enforcement sites
- [ ] docs/adr/README.md updated if a new ADR was added
- [ ] All four verification gates pass on any new or amended ADR
When a user explicitly makes an architectural choice, document it as a human decision so the attribution survives.
# ADR-XXX Title
## Status
Accepted. Date: YYYY-MM-DD.
**Decision Maker:** User: [Name or role] <- IMPORTANT: mark as human decision
## Context
[User's problem or request]
## Decision
**User Decision:** [What the user chose]
The user explicitly chose [X] over [Y] because [reason given].
## Alternatives Considered
[What was presented to the user]
### Alternative A: [Option presented]
**User Feedback:** [User's reasoning for or against]
### Alternative B: [Option presented]
**User Feedback:** [User's reasoning]
## Rationale
**User's stated reasons:**
- Reason 1
- Reason 2
**Technical context (from the agent):**
[Agent's analysis of the decision's technical implications. Useful for future readers who want the technical lens alongside the user's intent.]
The Decision Maker line is the load-bearing part: it tells future readers that the choice was a human one, not an agent-generated default.
WRONG (no example)
Use idempotent retry logic.
RIGHT (concrete example)
Use idempotent retry logic. Each request includes an Idempotency-Key
header derived from the client's request body hash, and the server
deduplicates within a 24-hour window.
Example client wrapper:
```python
def submit(payload):
key = hashlib.sha256(json.dumps(payload, sort_keys=True).encode()).hexdigest()
return http.post("/submit", json=payload, headers={"Idempotency-Key": key})
### Diagrams when helpful
[Client] -- POST /submit (with Idempotency-Key) --> [Gateway] | v [Dedup Cache (24h)] | cache miss | cache hit v | v [Worker] | [Return cached response] | | v | [Response] |
ASCII diagrams travel well across tools and reviewers.
---
## ADR Index Management
Maintain `docs/adr/README.md` as the navigation hub. Required sections:
1. **What are ADRs?** Brief explanation for new readers.
2. **Quick Navigation** with category counts.
3. **ADR Index**: full categorized list with one-line summaries.
4. **ADR Template**: link to or embed the template.
5. **Key Architectural Themes**: cross-cutting concerns referenced by multiple ADRs.
6. **Architectural Dependencies**: which ADRs depend on which.
7. **When to Create an ADR**: guidance for new contributors.
8. **Superseding ADRs**: how to handle changes.
9. **Resources**: links to ADR best practices and external references.
When adding a new ADR:
1. Add an entry under the appropriate category.
2. Update the category count in Quick Navigation.
3. Update "Foundational ADRs" if the new one is highly referenced.
4. Add cross-references in any older ADRs that relate.
---
## ADR Metrics and Maintenance
### Health indicators (healthy repository)
- All ADRs have a clear Status.
- Superseded ADRs reference their replacement.
- Code references match existing ADRs.
- README index is up to date.
- Recent ADRs include implementation dates.
- Each ADR has at least 2 alternatives documented.
### Needs attention
- Multiple ADRs with `Proposed` status for >30 days (review and accept or deprecate).
- ADR numbers with gaps (consolidate or document the gap).
- Code comments referencing non-existent ADRs (broken links).
- ADRs without an alternatives section (low quality).
- README categories that do not match actual ADRs (drift).
### Periodic review (quarterly)
---
## Quick Reference
### ADR creation checklist
```markdown
Creating a new ADR? Check these:
- [ ] Next sequential number assigned (check docs/adr/)
- [ ] Filename follows convention
- [ ] Status field present
- [ ] Date field present (YYYY-MM-DD)
- [ ] Decision Maker identified (Agent or User: Name)
- [ ] Context section explains the problem clearly
- [ ] At least 2 to 3 alternatives documented
- [ ] Pros and cons listed for each alternative
- [ ] "Why not chosen" for each rejected alternative
- [ ] Consequences section complete (positive, negative, risks)
- [ ] Code examples included (if applicable)
- [ ] Related ADRs referenced
- [ ] Implementation notes with affected files
- [ ] Added to docs/adr/README.md index
- [ ] Category assigned
- [ ] References / external links included
- [ ] Four verification gates pass
- Writing "we should use X" without explaining why
- Skipping alternatives ("this is the only way")
- No code examples for technical decisions
- Forgetting to update status after implementation
- Not referencing related ADRs
- Vague consequences ("it will be better")
- No decision maker attribution
- Missing constraints that drove the decision
- Modifying accepted ADRs instead of superseding
- Not updating README.md index
- Using jargon without defining it
- Being superficial: not digging into the "why" behind constraints
- Hiding negative consequences
- Writing marketing copy instead of honest technical analysis
- Skipping measurements ("faster" vs "68% latency reduction")
- Not explaining technical trade-offs in understandable terms
Ask these questions:
If you answered "No" to any of these, improve the ADR.
The full adr-kit toolset wraps this skill with three operational modes:
/adr-kit:init — one-shot bootstrap of the kit in an existing project: hooks CLAUDE.md, drops .claude/adr-kit-guide.md, runs bin/adr-audit to enumerate decision-shaped artefacts, walks the user through batched approval to generate Accepted ADRs, installs the pre-commit hook. Use this once per project./adr-kit:judge — in-session review of a staged git diff against existing ADRs. Runs the deterministic bin/adr-judge for declarative Enforcement rules, then evaluates llm_judge: true ADRs in the active Claude Code session. On violation, walks three resolution paths (new ADR / supersede / fix code)./adr-kit:install-hooks — install or uninstall the pre-commit hook. Default-on after /adr-kit:init (or /adr-kit:upgrade)./adr-kit:upgrade — for users on v0.11: migrate to the v0.12 footprint without re-running the heavy audit. Refreshes the CLAUDE.md stub + guide, installs the hook, walks Accepted ADRs offering Enforcement-block backfill./adr-kit:lint — validate ADR file content against the four verification gates (Completeness / Evidence / Clarity / Consistency). The deterministic CLI is bin/adr-lint; the skill drives the heuristic gates./adr-kit:migrate — rewrite legacy-shaped ADRs into the canonical seven-section template./adr-kit:adr) vs the others/adr-kit:adr (or invoke the adr-generator subagent)./adr-kit:judge. The model can self-call this before requesting a commit on the user's behalf./adr-kit:init./adr-kit:upgrade.The four verification gates and the supersession workflow defined in this file remain the source of truth — every other skill delegates to them, never duplicates them.
Every new Accepted ADR with a code surface SHOULD carry an ## Enforcement section so bin/adr-judge (run by the pre-commit hook) can guard the boundary against future drift. The block is a fenced JSON object validated against schemas/adr-enforcement.schema.json. Three patterns:
forbid_pattern, forbid_import, require_pattern) — preferred when the rule is mechanically expressible. Fastest at hook time, no LLM round-trip."llm_judge": true — for nuanced rules that need a model's judgement. As of v0.13.0 the pre-commit hook batches all llm_judge ADRs into ONE Claude Sonnet call (claude -p --model claude-sonnet-4-6) and blocks the commit on VIOLATION. Falls back to declarative-only when the claude CLI is missing — never blocks on tooling drift.Authoring is part of the agent's Step 3b (see agents/adr-generator.md). Code review applies Check 7 (see instructions/adr.review.md) to confirm the block is set appropriately.
Remember: ADRs are living documentation stored as docs-as-code in the same repository as the implementation. They should be consulted during development, referenced in code reviews, and evolved through supersession (not modification). Good ADRs make architectural decisions visible, understandable, and enforceable.