Run the nine-agent pipeline in Claude Code

Run the AI Guardrail Lab pipeline — ten specialist agents that ingest real AI incidents, derive root causes and threat models, design guardrails, and produce a final report — directly inside Claude Code on a local terminal. No platform install needed; each agent reads its own instruction bundle and writes structured outputs to workshop-outputs/.

What you’ll produce

By the end you will have a workshop-outputs/ tree containing:

  • data/ — JSONL evidence from every stage: incidents, root causes, threat models, guardrails, dev-process controls, policies, hooks, audit evidence, critic findings
  • policies/ + claude-hooks/ — machine-readable artifacts ready to commit
  • 01-incident-registry.md through 09-critic-review.md — one markdown handoff per agent
  • final-report.md + readiness-checklist.md — the orchestrator’s consolidated output
  • dashboard/ — a static dashboard you can serve locally

Total time: 30 – 45 minutes of agent runtime, plus a few minutes of operator review between stages.

Prerequisites

  • Claude Code installed and authenticated — see Claude Code setup
  • git installed — verify with git --version
  • Read access to github.com/metaweavehq/ai-guardrail-lab
  • ~500 MB of free disk space

1. Clone the package

The clone itself creates the working directory:

Terminal window
git clone https://github.com/metaweavehq/ai-guardrail-lab.git ai-guardrail-workshop
cd ai-guardrail-workshop

2. Install the workshop skill

Claude Code reads project skills from .claude/skills/. The package ships the skill at skills/workshop-artifacts/ — copy it into place:

Terminal window
mkdir -p .claude/skills workshop-outputs/data
cp -R skills/workshop-artifacts .claude/skills/workshop-artifacts

The working directory should now look like:

ai-guardrail-workshop/
├─ agents/
│ ├─ incident-collector-agent/
│ │ ├─ AGENTS.md
│ │ ├─ HEARTBEAT.md
│ │ ├─ SOUL.md
│ │ └─ TOOLS.md
│ ├─ root-cause-agent/
│ ├─ threat-modeling-agent/
│ ├─ guardrail-designer-agent/
│ ├─ dev-process-integration-agent/
│ ├─ policy-as-code-agent/
│ ├─ claude-hook-agent/
│ ├─ evidence-audit-agent/
│ ├─ critic-agent/
│ └─ workshop-orchestrator-agent/
├─ .claude/skills/workshop-artifacts/
│ ├─ SKILL.md
│ ├─ references/
│ └─ templates/
└─ workshop-outputs/
   └─ data/

3. Start Claude Code

From inside the working directory:

Terminal window
claude

Each agent runs by pasting the matching prompt below. Wait for each to finish before pasting the next.

4. The pipeline at a glance

Ten agents run sequentially. Each reads the previous agent’s outputs and writes its own.

#   Agent                    Output
1   Incident Collector       data/incidents.jsonl + 01-incident-registry.md
2   Root Cause               data/root-causes.jsonl + 02-root-cause-analysis.md
3   Threat Modeling          data/threat-models.jsonl + 03-threat-models.md
4   Guardrail Designer       data/guardrails.jsonl + 04-guardrail-design.md
5   Dev Process Integration  data/dev-process-controls.jsonl + 05-dev-process-integration.md
6   Policy-as-Code           data/policy-as-code.jsonl + policies/ + 06-policy-as-code.md
7   Claude Hook              data/claude-hooks.jsonl + claude-hooks/ + 07-claude-hooks.md
8   Evidence and Audit       data/audit-evidence.jsonl + 08-evidence-audit.md
9   Critic                   data/critic-findings.jsonl + 09-critic-review.md
10  Workshop Orchestrator    final-report.md + readiness-checklist.md

5. The prompt template

Every agent uses the same prompt shape. Substitute <AGENT-NAME>, <AGENT-FOLDER>, and <TASK> from the per-agent sections that follow.

You are the <AGENT-NAME> for the AI Incident Analysis and Guardrail Design workshop.
First read and follow these instruction files:
- agents/<AGENT-FOLDER>/AGENTS.md
- agents/<AGENT-FOLDER>/HEARTBEAT.md
- agents/<AGENT-FOLDER>/SOUL.md
- agents/<AGENT-FOLDER>/TOOLS.md
Also use the workshop-artifacts skill from .claude/skills/workshop-artifacts.
Standalone terminal mode:
- Do not call LifeOSAI APIs.
- Do not check out, update, comment on, or close LifeOSAI tasks.
- Do not require LIFEOSAI_* environment variables.
- Treat HEARTBEAT.md as workflow and output guidance only; skip LifeOSAI runtime steps.
- Write files directly under workshop-outputs/.
Task:
<TASK>

Each agent below shows the Agent name, Folder, and Task — drop those into the template, paste into Claude Code, and wait for completion.

6. Agent 1 · Incident Collector

Folder: incident-collector-agent
Task: Create the initial incident evidence registry for the workshop. Collect 5 verified GenAI, LLM, coding-agent, or agentic-AI incidents from the last 6 months. Use discovery agents first, then independent verifier agents. Write the required JSONL, markdown, research, and dashboard artifacts under workshop-outputs/. Before writing final incidents, reject weak, duplicated, generic, or out-of-window candidates.

Expected outputs:

  • workshop-outputs/data/incidents.jsonl
  • workshop-outputs/research/incident-candidates.jsonl
  • workshop-outputs/research/incident-verification.jsonl
  • workshop-outputs/01-incident-registry.md
  • workshop-outputs/dashboard/

7. Agent 2 · Root Cause

Folder: root-cause-agent
Task: Analyze the collected incident corpus and produce the root-cause analysis handoff. Use workshop-outputs/data/incidents.jsonl and workshop-outputs/01-incident-registry.md as the input. Separate observed facts, technical causes, process causes, organizational causes, uncertainty, and evidence gaps.

Expected outputs:

  • workshop-outputs/data/root-causes.jsonl
  • workshop-outputs/02-root-cause-analysis.md

8. Agent 3 · Threat Modeling

Folder: threat-modeling-agent
Task: Review the incident and root-cause artifacts, cluster them into recurring threat groups, map those groups to MITRE ATLAS where supported, and produce the threat-modeling handoff. Prefer reusable threat groups over per-incident models unless the agent instructions require otherwise.

Expected outputs:

  • workshop-outputs/data/threat-models.jsonl
  • workshop-outputs/03-threat-models.md

9. Agent 4 · Guardrail Designer

Folder: guardrail-designer-agent
Task: Review the incident, root-cause, and threat-model artifacts and design concrete guardrails. Cover preventive controls, detection controls, blocking controls, audit controls, approval gates, enforcement points, required evidence, residual risks, and implementation handoff notes.

Expected outputs:

  • workshop-outputs/data/guardrails.jsonl
  • workshop-outputs/04-guardrail-design.md

10. Agent 5 · Dev Process Integration

Folder: dev-process-integration-agent
Task: Review the guardrail design artifacts and map them into PDLC, SDLC, Claude Code, and Claude Agent SDK process controls. Include product risk checkpoints, design reviews, implementation gates, code review / test / CI / release controls, SDK options, permission modes, allowed and disallowed tools, hooks, approval routing, audit checkpoints, session handling, and subagent controls.

Expected outputs:

  • workshop-outputs/data/dev-process-controls.jsonl
  • workshop-outputs/05-dev-process-integration.md

11. Agent 6 · Policy-as-Code

Folder: policy-as-code-agent
Task: Review the PDLC, SDLC, and Claude Agent SDK process controls and convert them into machine-readable policy-as-code artifacts. Produce policy files for agent guardrail profiles, tool permissions, protected paths, approval routing, audit events, and any other policy families required by the instruction files.

Expected outputs:

  • workshop-outputs/data/policy-as-code.jsonl
  • workshop-outputs/06-policy-as-code.md
  • workshop-outputs/policies/

12. Agent 7 · Claude Hook

Folder: claude-hook-agent
Task: Review the policy-as-code artifacts and produce Claude Agent SDK hook prototypes for the workshop. Cover user-prompt classification, pre-tool-use blocking and approvals, post-tool-use audit validation, permission-request routing, subagent lifecycle controls, session-end audit closure, and hook configuration examples.

Expected outputs:

  • workshop-outputs/data/claude-hooks.jsonl
  • workshop-outputs/07-claude-hooks.md
  • workshop-outputs/claude-hooks/

13. Agent 8 · Evidence and Audit

Folder: evidence-audit-agent
Task: Review the Claude hook prototypes and all prior workshop artifacts. Build the evidence and audit handoff, including traceability, decision rationale, references, check results, approval history, retention notes, redaction notes, and audit gaps.

Expected outputs:

  • workshop-outputs/data/audit-evidence.jsonl
  • workshop-outputs/08-evidence-audit.md

14. Agent 9 · Critic

Folder: critic-agent
Task: Review the complete workshop prototype. Find evidence gaps, weak assumptions, missing threat coverage, incomplete guardrails, unenforceable policies, hook implementation gaps, audit traceability gaps, dashboard issues, and final report risks. Produce the final critique, gap register, remediation plan, and readiness checklist.

Expected outputs:

  • workshop-outputs/data/critic-findings.jsonl
  • workshop-outputs/09-critic-review.md

15. Agent 10 · Workshop Orchestrator

Folder: workshop-orchestrator-agent
Task: Coordinate the full workshop pipeline. Inspect all specialist outputs, verify artifact handoffs, check dashboard readiness, route any rework to the right stage, and prepare the final workshop report and demo readiness material.

Expected outputs:

  • workshop-outputs/final-report.md
  • workshop-outputs/readiness-checklist.md

16. Verify the run

List every file generated:

Terminal window
find workshop-outputs -maxdepth 3 -type f | sort

Check JSONL line counts (one row per incident, threat group, guardrail, etc.):

Terminal window
wc -l workshop-outputs/data/*.jsonl

Serve the dashboard locally:

Terminal window
python3 -m http.server 8080

Run this from the working directory so that the dashboard is served at /workshop-outputs/dashboard/ on port 8080.
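
The wc -l check above counts lines but does not show whether each row parses or whether a stage skipped its markdown handoff. The following added example (not part of the workshop package) checks both, using the file names from the Expected outputs lists on this page. The check that every row is a JSON object is an assumption about the row format.

```python
import json
from pathlib import Path

# Stage handoffs copied from this page's "Expected outputs" lists:
# JSONL file stem under data/ -> markdown handoff at the top level.
STAGES = {
    "incidents": "01-incident-registry.md",
    "root-causes": "02-root-cause-analysis.md",
    "threat-models": "03-threat-models.md",
    "guardrails": "04-guardrail-design.md",
    "dev-process-controls": "05-dev-process-integration.md",
    "policy-as-code": "06-policy-as-code.md",
    "claude-hooks": "07-claude-hooks.md",
    "audit-evidence": "08-evidence-audit.md",
    "critic-findings": "09-critic-review.md",
}
FINAL = ["final-report.md", "readiness-checklist.md"]

def check_jsonl(path):
    """Return problems for one JSONL file; every non-blank line must parse."""
    problems, rows = [], 0
    for n, line in enumerate(path.read_text(encoding="utf-8").splitlines(), 1):
        if line.strip():
            rows += 1
            try:
                if not isinstance(json.loads(line), dict):  # assumed row shape
                    problems.append(f"{path.name}:{n}: row is not a JSON object")
            except json.JSONDecodeError as exc:
                problems.append(f"{path.name}:{n}: invalid JSON ({exc.msg})")
    if rows == 0:
        problems.append(f"{path.name}: no rows")
    return problems

def check_run(root="workshop-outputs"):
    """Return a list of problems; an empty list means all handoffs are usable."""
    root, problems = Path(root), []
    for stem in STAGES:
        data = root / "data" / f"{stem}.jsonl"
        problems += check_jsonl(data) if data.is_file() else [f"missing data/{stem}.jsonl"]
    for name in [*STAGES.values(), *FINAL]:
        if not (root / name).is_file():
            problems.append(f"missing {name}")
    return problems

if __name__ == "__main__":
    found = check_run()
    print("\n".join(found) or "all handoffs present and parseable")
```

Run it from the working directory after the orchestrator finishes, or between stages to see which handoff a downstream agent is still waiting on.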

17. Troubleshooting

The workshop-artifacts skill is missing. Confirm it exists at .claude/skills/workshop-artifacts/SKILL.md, and that it includes the references/ and templates/ folders alongside SKILL.md.

An agent cannot find its instruction files. Confirm the agents/ folder is directly inside the working directory, and that each agent folder contains all four files — AGENTS.md, HEARTBEAT.md, SOUL.md, TOOLS.md.

A downstream agent cannot run. Run the previous agent first. Confirm the expected JSONL input exists under workshop-outputs/data/.

The dashboard already exists. Use it — do not replace. Later agents should only update the shared dashboard when the workshop-artifacts contract requires it.
