ProdReady gives your team and AI clear standards to ship secure, reliable, accessible software from day one.
// how it works
Start fast with practical defaults. Works for builders using AI tools or writing code directly.
Scan for security, privacy, reliability, and documentation gaps. Get a score with clear, actionable findings.
$ npx @chrisadolphus/prodready audit
Use all templates or choose a focused profile: auto-detect with --auto, include-only with --only, or skip domains with --exclude.
Point your AI agent to standards/. It follows the rules on every generated change.
// what's included
Readable standards for humans and AI agents. Clear rules, practical checks, and fewer production surprises.
Secrets management, input validation, rate limiting, security headers, and AI/LLM-specific attack vectors.
Data minimisation, user deletion flows, PII in logs, cookie consent, GDPR baseline for all jurisdictions.
Password hashing with argon2, token expiry, email verification, passkeys (WebAuthn), and RBAC.
PCI compliance, webhook signature verification, dunning sequences, receipts, and cancellation flows.
Error monitoring, database backup strategies, uptime monitoring, deployment pipelines, and logging.
WCAG 2.2 AA compliance — alt text, keyboard navigation, colour contrast, semantic HTML, and forms.
Empty states, loading states, error states, destructive action confirmation, and success feedback patterns.
Versioning from day one, pagination, consistent response shapes, idempotency, and safe data exposure.
SPF/DKIM/DMARC setup, unsubscribe compliance, transactional vs marketing infrastructure, link expiry.
README standards, code comments, changelog format, environment variable docs, and architecture records.
// built for
Use it as your baseline policy layer. Your team and AI get the same standards in every repo.
Ship faster with AI while keeping a clear quality baseline for security, reliability, and docs.
Get production-ready standards quickly without weeks of policy writing.
Give AI agents guardrails so generated features follow your standards by default.
Set a strong baseline before your first customer review, security audit, or enterprise deal.
Align contributors around shared standards without maintaining a giant policy handbook.
Start with structured policies for compliance and due diligence, then adapt to your org.
// works with your AI agent
AI tools build quickly, but without guardrails they miss important checks.
ProdReady puts standards in your repo so agents can follow them consistently on every change.
// commands
Use simple defaults locally, then enforce quality in CI with explicit pass/fail thresholds.
Run a readable audit locally, or add --format json for CI and automation.
Auto-select standards for your project profile. You can also use --only or --exclude for manual control.
Enforce CI gates. Fail builds when severity, score, or core-standard requirements are missed.
Check which installed standards are current and which need updates.
Free and open source. Start with one command, then scale to enforceable CI checks.