Intermediate · ~15 minutes

Custom Reviewers & Constitution

Learn how to configure built-in reviewers, create your own custom reviewers, and add constitution policies to govern AI-generated code. By the end you'll have a HIPAA compliance reviewer and a project constitution.

1 Configure Built-in Reviewers

Prodara ships with 9 built-in reviewers. By default, 7 are enabled and 2 (adversarial, edge-case) are disabled. Configure them in prodara.config.json:

prodara.config.json

{
  "reviewers": {
    "architecture": { "enabled": true },
    "quality": { "enabled": true },
    "codeQuality": { "enabled": true },
    "specification": { "enabled": true },
    "ux": { "enabled": true },
    "security": { "enabled": true },
    "testQuality": { "enabled": true },
    "adversarial": { "enabled": true },
    "edgeCase": { "enabled": false }
  }
}

ℹ️

Run prodara review to execute all enabled reviewers against your spec.

2 Create a Custom Reviewer

Create a YAML file in .prodara/reviewers/ to define a custom reviewer. The reviewer will be automatically discovered and included in the review pipeline.

.prodara/reviewers/hipaa.yml

id: hipaa
name: HIPAA Compliance
perspective: >
  You are a HIPAA compliance expert. Review all entities for
  proper PHI handling. Check that health data fields have
  encryption at rest and access logging. Flag any entity that
  stores patient data without proper authorization rules.
enabled: true

Or define custom reviewers inline in your config:

prodara.config.json

{
  "reviewers": {
    "custom": {
      "id": "hipaa",
      "name": "HIPAA Compliance",
      "perspective": "You are a HIPAA compliance expert...",
      "enabled": true
    }
  }
}

3 Add a Constitution

The constitution defines governance policies that AI agents must follow when generating code. Add one to your config:

prodara.config.json

{
  "constitution": {
    "policies": [
      "All PII fields must be encrypted at rest",
      "Every entity with user data must have an audit trail",
      "No direct database access — all mutations go through workflows",
      "All API endpoints require authentication"
    ]
  }
}

💡

The constitution is injected into the /prodara prompt automatically. Your AI agent reads it before generating any implementation.

4 Run the Review Pipeline

Build and review your project. The custom HIPAA reviewer now runs alongside the built-in reviewers:

# Build and review
prodara build --format json ./project

# Or just run the review step
prodara review --format json ./project

The review output includes findings from all active reviewers, including your custom one. The fix loop automatically attempts to resolve any issues found.

Next Steps

Read the full Reviewers & Constitution reference
Create an extension to package your reviewer for other projects
Use Party mode to see all reviewers discuss a topic