traceweaver-core

TraceWeaver Core

Open-source systems engineering traceability for agentic software development.

TraceWeaver Core is a systems-engineering control layer for agentic software development. Its core role is to preserve intent, authority, and traceability as agents move from stakeholder needs to requirements, plans, code, tests, and release decisions.

The problem TraceWeaver solves is that agents can move very fast, but they often blur the chain between:

what the stakeholder asked for
-> what the agent interpreted
-> what got implemented

TraceWeaver forces a controlled chain:

stakeholder intent
-> captured needs
-> reviewed requirements
-> approved authority or approved exception
-> implementation
-> verification
-> validation
-> change control

The key principle is:

Agents may help create requirements, plans, code, tests, and evidence, but they may not silently promote their own interpretation into authority.

The current wedge is:

Meaningful behaviour must trace to approved authority, or it is not ready to implement, approve, or ship.

The code-level gate is:

Every meaningful behavior-bearing unit must trace to approved authority and verification evidence.

In practice, a behavior-bearing skill, workflow wrapper, command, script, function, method, or class cannot be treated as done until the traceability matrix names the requirement or approved exception that authorizes it, the implementation location, and the verification evidence that proves it.

In simple terms: TraceWeaver keeps agentic development aligned to the original intent, proves that implementation traces back to approved requirements, and records gaps, risks, assumptions, and changes instead of letting them become hidden authority.

TraceWeaver is useful when a codebase has grown faster than its memory. It helps answer practical engineering questions:

• why does this module exist?
• which requirement or decision does this behavior serve?
• which test or smoke proves the behavior still works?
• is this code still current, or did the requirement move on?
• are two places doing the same thing for unclear reasons?
• did an agent add plausible code that no one actually authorized?

The goal is not paperwork for its own sake. The goal is a codebase where intent is visible enough that humans and agents can safely change it.

TraceWeaver calls these common problems out explicitly:

Problem	What TraceWeaver looks for
Lost intent	Code, tests, or workflow behavior that no longer links back to a current stakeholder need, requirement, exception, validation question, or decision.
Dark code	Behavior-bearing files or entrypoints with no approved authority anchor or matrix row.
Orphaned code	Source-level anchors that are not reachable from traceability-matrix.md evidence.
Abandoned or obsolete code	Behavior linked to stale, held, retired, superseded, or missing requirements.
Duplicate or similar behavior	Multiple artifacts with similar behavior under the same or unclear authority.
Anchor-only coverage	Code has a trace comment, but no verification implementation, procedure, result, or held-validation record.
Dead TDD	Tests or smokes that still verify a requirement that no longer exists or is no longer approved.

TraceWeaver is intended to become a standalone plugin that can replace the installed Compound Engineering plugin for this workflow. It is based on the selected CE planning, work, review, and learning surface, but TraceWeaver adds the controlling authority layer: Intent Contract, requirements baseline, traceability matrix, verification evidence, validation questions, and explicit gap/change/exception handling.

Naming Model

Name	Role
TraceWeaver Core	Open-source method, standalone alpha plugin, skills, templates, and validation protocol
TraceWeaver Enterprise	Paid commercial product for larger-project governance
TraceWeaver Cloud	Hosted MCP/API service

TraceWeaver Core should stay usable without the future paid layer. The paid Enterprise and Cloud products should make the same method scalable through relationship storage, dashboards, governance, hosted services, audit logs, and integrations.

Architecture Layers