Governed autonomous development for AI coding agents.
Project description
Niyam
Governed autonomous development for AI coding agents.
One
.niyam/source of truth. Many AI runtimes. Policy-driven autonomy. Evidence-backed delivery.
[!NOTE] Niyam was previously developed under the Sutra codename. New projects should use
.niyam/.
What is Niyam?
Niyam turns any repository into a governed AI-development workspace with:
- Reusable agents — specialized AI roles (backend, frontend, security, QA)
- Skills — composable methodology packs (TDD, code review, planning)
- Commands — structured workflows (
/implement,/review,/ship) - Guardrails — command deny lists, approval gates, path restrictions
- Evidence — audit trails for every AI-assisted session
Installation
You can install Niyam CLI globally using pipx:
pipx install niyam
Alternatively, you can run it on the fly without installing using uvx:
uvx --from niyam niyam --help
For local development installation:
git clone https://github.com/sairintechnologycom/niyam.git
cd niyam
pip install -e .
Quick Start
# Initialize a workspace in your target repository
cd your-project
niyam init --profile fullstack --runtime claude
# Add Codex as a second runtime
niyam runtime add codex
# Detect your stack
niyam context refresh
# Validate setup
niyam policy validate
niyam doctor
# Sync changes to runtimes
niyam sync
Then open Claude Code and use:
/implement add login validation
/review
/ship
Commands
| Command | Description |
|---|---|
niyam init |
Initialize a governed workspace |
niyam sync |
Sync .niyam/ to configured runtimes |
niyam doctor |
Validate workspace integrity |
niyam context refresh |
Scan repo and update context |
niyam context show |
Display current context |
niyam context diff |
Show context changes |
niyam policy validate |
Validate policy files |
niyam guard enable |
Enable all guardrails |
niyam guard disable |
Disable guardrails |
niyam guard careful |
Enable destructive-command warnings |
niyam guard freeze <path> |
Restrict edits to a path |
niyam runtime add <runtime> |
Add a new runtime |
niyam report |
Generate evidence report |
niyam scan [path] |
[Experimental] Scan repository for readiness/risks |
niyam guard run -- <cmd> |
[Experimental] Run a command under observation |
niyam guard status |
[Experimental] Display guard settings and metrics |
niyam guard logs |
[Experimental] Show recent observed actions |
niyam mcp register |
[Experimental] Register a tool or MCP server |
niyam mcp list |
[Experimental] List registered tools/servers |
niyam mcp risk-report |
[Experimental] Report risks of registered tools |
niyam cost log |
[Experimental] Log token usage and model expenses |
niyam cost summary |
[Experimental] Display AI engineering cost summary |
niyam cost report |
[Experimental] View detailed breakdowns of expenses |
niyam evidence generate |
[Experimental] Generate local evidence & readiness report |
Enterprise Governance Capabilities
Niyam includes robust, local-first enterprise governance capabilities to bridge the "vibe-to-production" gap, audit agent actions, and compile compliance-ready evidence reports:
- Repository Scanning (
niyam scan): Evaluates repository readiness scores against strict quality and security profiles (startup,team,enterprise,regulated). - Action Governance (
niyam guard): Intercepts shell commands, redacts credentials in real-time, blocks destructive patterns, and enforces directory read-only freezes. - MCP & Tool Registry (
niyam mcp): Catalogs and heuristics-classifies risk profiles (low,medium,high,critical) for external Model Context Protocol servers. - AI Cost Tracking (
niyam cost): Logs LLM token metrics and session costs against a local rate-card table to prevent budget leaks. - Joint Evidence Compiler (
niyam evidence): Synthesizes readiness scores, observed logs, registered tools, and token pricing into a unified, audit-ready compliance document.
Governance Documentation Pack
For deep dives into policies, specifications, and architecture, refer to the following guides:
- 01. Product Requirements (PRD)
- 02. Technical Architecture
- 03. Security & Access Governance
- 04. CLI & CI/CD Specification
- 05. Feature Implementation Tickets
- 06. Backward Compatibility & Migration Plan
Architecture
.niyam/ ← Source of truth (you own this)
├── niyam.yaml ← Workspace config
├── project.yaml ← Stack and validation
├── runtimes.yaml ← Runtime settings
├── context/ ← AI project context
├── agents/ ← Agent role definitions
├── skills/ ← Composable skill packs
├── commands/ ← Slash command workflows
├── policies/ ← Guardrails and approval gates
└── evidence/ ← Audit trails
CLAUDE.md ← Generated for Claude Code
.claude/ ← Generated for Claude Code
AGENTS.md ← Generated for Codex CLI
Profiles
| Profile | Agents | Best For |
|---|---|---|
fullstack |
backend, frontend, security, QA | Full-stack web apps |
backend |
backend, security, QA | API/service projects |
frontend |
frontend, QA | Frontend-only projects |
Roadmap
See ROADMAP.md for the detailed vision, target architecture, and target build phases.
License
MIT
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file niyam-0.4.2.tar.gz.
File metadata
- Download URL: niyam-0.4.2.tar.gz
- Upload date:
- Size: 578.9 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
3ddd72706fdeef290bf46a2ab86086e8d746421990d51f4bbb038546d72027e1
|
|
| MD5 |
7dc8fa1e524e70b3262c2f3c6d10adf8
|
|
| BLAKE2b-256 |
5bf9e4bf9014f0f4e0059a86d2bfaa71f69fda246c003bcb7022da82aed7ec4a
|
Provenance
The following attestation bundles were made for niyam-0.4.2.tar.gz:
Publisher:
release.yml on sairintechnologycom/niyam
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
niyam-0.4.2.tar.gz -
Subject digest:
3ddd72706fdeef290bf46a2ab86086e8d746421990d51f4bbb038546d72027e1 - Sigstore transparency entry: 1738426515
- Sigstore integration time:
-
Permalink:
sairintechnologycom/niyam@1f9de45d66a9e90ff6c18f1ea09660ed87971966 -
Branch / Tag:
refs/tags/v0.4.2 - Owner: https://github.com/sairintechnologycom
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
release.yml@1f9de45d66a9e90ff6c18f1ea09660ed87971966 -
Trigger Event:
push
-
Statement type:
File details
Details for the file niyam-0.4.2-py3-none-any.whl.
File metadata
- Download URL: niyam-0.4.2-py3-none-any.whl
- Upload date:
- Size: 307.6 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
6f2a4ddd8e25b47bbb851c55389d615e61d08f7b6e0fd327398a1bda255c9ad5
|
|
| MD5 |
4580908e18c9e488cc0388d90b4ef4ef
|
|
| BLAKE2b-256 |
154264eed9426af160263f2e3f7a314fe81ea367ea54694c7b3f1a355b28305b
|
Provenance
The following attestation bundles were made for niyam-0.4.2-py3-none-any.whl:
Publisher:
release.yml on sairintechnologycom/niyam
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
niyam-0.4.2-py3-none-any.whl -
Subject digest:
6f2a4ddd8e25b47bbb851c55389d615e61d08f7b6e0fd327398a1bda255c9ad5 - Sigstore transparency entry: 1738426519
- Sigstore integration time:
-
Permalink:
sairintechnologycom/niyam@1f9de45d66a9e90ff6c18f1ea09660ed87971966 -
Branch / Tag:
refs/tags/v0.4.2 - Owner: https://github.com/sairintechnologycom
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
release.yml@1f9de45d66a9e90ff6c18f1ea09660ed87971966 -
Trigger Event:
push
-
Statement type: