Skip to content

Instantly share code, notes, and snippets.

@craftybones
Last active June 25, 2026 05:33
Show Gist options
  • Select an option

  • Save craftybones/4b43ac03be964340e29f3b87f24aebce to your computer and use it in GitHub Desktop.

Select an option

Save craftybones/4b43ac03be964340e29f3b87f24aebce to your computer and use it in GitHub Desktop.
Writing Agent specs

Introduction

This document provides a framework for writing comprehensive specifications for software features and AI agents.

A good specification does more than describe functionality. It explains why a capability exists, what it is responsible for, how it behaves, how it will operate in production, and how it will evolve over time.

A specification should allow a new engineer, product manager, designer, operator, or AI agent to understand the system without relying on tribal knowledge or external context.

Every section in this guide contributes to answering one of five questions:

  1. Why are we building this?
  2. What does it do?
  3. How does it behave?
  4. How will it operate in production?
  5. How will it evolve?

The guide is organized around those questions.


Part I — Why Does This Feature Exist?

Before discussing implementation details, establish why the capability should exist. These sections explain the problem being solved, the value being created, and the outcomes that define success.

1. Purpose & Objectives

Purpose

Describe why the capability exists.

Questions Answered

  • What problem are we solving?
  • Why is this worth building?
  • What outcomes are expected?
  • How will success be defined?

Include

  • Problem statement
  • Business rationale
  • User value proposition
  • Strategic objectives
  • Success criteria

Reader Outcome

A reader should understand why the feature should be built.


2. Scope & Boundaries

Purpose

Define the limits of the capability.

Questions Answered

  • What is included?
  • What is excluded?
  • What is intentionally deferred?

Include

In Scope

Features included in the current release.

Out of Scope

Capabilities explicitly excluded.

Future Scope

Capabilities expected in future releases.

Assumptions

Constraints and assumptions regarding surrounding systems.

Reader Outcome

A reader should understand what the feature is and is not responsible for.


3. Stakeholders & Users

Purpose

Identify everyone who interacts with or is affected by the capability.

Questions Answered

  • Who benefits?
  • Who operates the system?
  • Who owns the outcomes?

Include

For each stakeholder:

  • Role
  • Goals
  • Responsibilities
  • Expectations

Typical stakeholders:

  • End users
  • Administrators
  • Moderators
  • Product teams
  • Engineering teams
  • External systems

Reader Outcome

A reader should understand who cares about the capability and why.


4. Agent Overview

Purpose

Provide a concise executive summary.

Questions Answered

  • What is this capability?
  • How does it work at a high level?
  • What are its primary responsibilities?

Include

  • Feature name
  • One-sentence description
  • Core workflow
  • Major responsibilities
  • High-level architecture summary

Reader Outcome

A reader should understand the capability in under two minutes.


5. Inputs & Context

Purpose

Describe everything available to the system.

Questions Answered

  • What information can the system access?
  • What information is required?
  • What information is optional?

Include

  • User inputs
  • External inputs
  • System state
  • Environmental context
  • Configuration
  • Runtime constraints

Reader Outcome

A reader should understand what information drives behavior.


6. Outputs & Deliverables

Purpose

Define what the system produces.

Questions Answered

  • What does success generate?
  • What do users receive?
  • What do downstream systems receive?

Include

  • User-facing outputs
  • Notifications
  • Data updates
  • Reports
  • Artifacts
  • API responses

Reader Outcome

A reader should understand the results produced by the capability.


Part II — What Does The Feature Do?

Now that the motivation is clear, define the responsibilities and boundaries of the capability itself.

7. Capabilities & Responsibilities

Purpose

Define what the system can do.

Questions Answered

  • What functionality is provided?
  • What obligations does the system have?

Include

  • Functional capabilities
  • Responsibilities
  • Service guarantees
  • Required behaviors

Focus on what the capability does, not how it is implemented.

Reader Outcome

A reader should understand the functional contract of the feature.


8. Non-Goals & Prohibited Actions

Purpose

Define what the system must not do.

Questions Answered

  • What is intentionally unsupported?
  • What actions are prohibited?

Include

  • Non-goals
  • Unsupported behavior
  • Policy restrictions
  • Security limitations
  • Regulatory constraints

Reader Outcome

A reader should understand where the capability's authority ends.


9. Operating Environment

Purpose

Describe where the capability executes.

Questions Answered

  • Where does the system run?
  • What environmental constraints exist?

Include

  • Platforms
  • Deployment targets
  • Infrastructure
  • Runtime environments
  • Availability zones
  • Network assumptions

Reader Outcome

A reader should understand the execution environment.


10. Tools & Integrations

Purpose

Document dependencies.

Questions Answered

  • What systems are required?
  • How does the capability interact with them?

Include

For each integration:

  • Name
  • Purpose
  • Owner
  • Authentication model
  • Reliability expectations
  • Failure considerations

Reader Outcome

A reader should understand all external dependencies.


11. Knowledge Sources & Data Access

Purpose

Describe where information originates.

Questions Answered

  • What information sources are used?
  • How trustworthy are they?

Include

For each source:

  • Owner
  • Access method
  • Update frequency
  • Trust level
  • Access controls

Reader Outcome

A reader should understand the provenance of system knowledge.


Part III — How Does It Behave?

These sections explain how the capability operates during normal execution and exceptional situations.

12. Decision-Making Framework

Purpose

Describe how choices are made.

Questions Answered

  • How are alternatives evaluated?
  • How are priorities determined?
  • When is escalation required?

Include

  • Rules
  • Prioritization logic
  • Confidence thresholds
  • Escalation criteria
  • Decision hierarchy

Reader Outcome

A reader should understand how the system reaches conclusions.


13. Workflows & Behaviors

Purpose

Describe end-to-end execution.

Questions Answered

  • What happens during normal operation?
  • What alternate paths exist?

Include

  • Primary workflow
  • Alternate workflows
  • Edge cases
  • State transitions
  • Sequence diagrams
  • Process diagrams

Reader Outcome

A reader should understand operational behavior.


14. Human-in-the-Loop Interactions

Purpose

Describe where humans participate.

Questions Answered

  • When is human involvement required?
  • What actions can humans override?

Include

  • Reviews
  • Approvals
  • Escalations
  • Overrides
  • Manual corrections

Reader Outcome

A reader should understand the human role in the workflow.


15. Safety, Security & Compliance

Purpose

Define safeguards.

Questions Answered

  • How are users protected?
  • What compliance obligations exist?

Include

  • Security controls
  • Privacy requirements
  • Compliance obligations
  • Audit requirements
  • Abuse prevention
  • Data handling requirements

Reader Outcome

A reader should understand how risk is controlled.


16. Error Handling & Recovery

Purpose

Define behavior during failures.

Questions Answered

  • What can fail?
  • How does recovery occur?

Include

  • Failure scenarios
  • Retries
  • Fallbacks
  • Escalation behavior
  • User messaging

Reader Outcome

A reader should understand resilience and recovery.


17. Memory & State Management

Purpose

Describe persistence requirements.

Questions Answered

  • What information is retained?
  • For how long?
  • Under what conditions?

Include

  • Session state
  • Long-term memory
  • Caching
  • Persistence
  • Retention policies
  • Cleanup rules

Reader Outcome

A reader should understand how state evolves over time.


Part IV — How Does It Run In Production?

18. Performance Requirements

Purpose

Define measurable operational targets.

Include

  • Latency targets
  • Throughput targets
  • Availability objectives
  • Scalability requirements

Reader Outcome

A reader should understand performance expectations.


19. Monitoring, Logging & Observability

Purpose

Define how operational health is measured.

Include

  • Metrics
  • Logs
  • Traces
  • Dashboards
  • Alerts
  • Incident thresholds

Reader Outcome

A reader should understand how issues are detected.


20. Evaluation & Success Metrics

Purpose

Define success measurement.

Include

  • Adoption metrics
  • Quality metrics
  • Reliability metrics
  • Business metrics
  • User metrics

Reader Outcome

A reader should understand how success is evaluated.


21. Testing & Validation

Purpose

Describe how correctness is verified.

Include

  • Unit testing
  • Integration testing
  • Security testing
  • Load testing
  • User acceptance testing
  • AI evaluations
  • Benchmarking

Reader Outcome

A reader should understand how quality is established.


22. Deployment & Operations

Purpose

Describe how the capability reaches production.

Include

  • Release strategy
  • Rollout plan
  • Rollback plan
  • Operational ownership
  • Incident procedures

Reader Outcome

A reader should understand how the capability is operated.


Part V — How Is It Governed And Evolved?

23. Governance & Change Management

Purpose

Define ownership and decision-making authority.

Include

  • Owners
  • Approval process
  • Review process
  • Versioning strategy
  • Change control procedures

Reader Outcome

A reader should understand who governs the capability.


24. Risks, Assumptions & Dependencies

Purpose

Document uncertainty.

Include

For each risk:

  • Description
  • Likelihood
  • Impact
  • Mitigation

Also include:

  • Assumptions
  • Constraints
  • Dependencies

Reader Outcome

A reader should understand threats to success.


25. Open Questions & Future Enhancements

Purpose

Capture unresolved issues and future opportunities.

Include

  • Open questions
  • Pending decisions
  • Research items
  • Future roadmap ideas

Reader Outcome

A reader should understand what remains uncertain and what may come next.


Part VI — Reference Material

Reference material supports implementation but should not interrupt the narrative flow of the specification.

26. Appendix (Examples, Prompt Templates, Schemas)

Purpose

Provide supporting implementation detail.

Include

  • API contracts
  • Schemas
  • Data models
  • Example requests
  • Example responses
  • Prompt templates
  • Diagrams
  • Glossaries
  • Reference links

Reader Outcome

A reader should find all supporting implementation material needed to build or integrate with the capability.


Specification Litmus Test

A completed specification should enable a new engineer, product manager, designer, operator, or AI agent to answer five questions:

  1. Why are we building this?
  2. What exactly should it do?
  3. How should it behave in every situation?
  4. How will we operate and measure it?
  5. How will we maintain and evolve it?

If the specification does not answer all five questions, it is incomplete.

  1. Purpose & Objectives
  2. Scope & Boundaries
  3. Stakeholders & Users
  4. Agent Overview
  5. Inputs & Context
  6. Outputs & Deliverables
  7. Capabilities & Responsibilities
  8. Non-Goals & Prohibited Actions
  9. Operating Environment
  10. Tools & Integrations
  11. Knowledge Sources & Data Access
  12. Decision-Making Framework
  13. Workflows & Behaviors
  14. Human-in-the-Loop Interactions
  15. Safety, Security & Compliance
  16. Error Handling & Recovery
  17. Memory & State Management
  18. Performance Requirements
  19. Monitoring, Logging & Observability
  20. Evaluation & Success Metrics
  21. Testing & Validation
  22. Deployment & Operations
  23. Governance & Change Management
  24. Risks, Assumptions & Dependencies
  25. Open Questions & Future Enhancements
  26. Appendix (Examples, Prompt Templates, Schemas)

Image Upload Feature Specification

1. Purpose & Objectives

Enable users to upload, store, and display images within posts and comments.

Objectives:

  • Increase engagement through visual content.
  • Support image-centric communities.
  • Provide a reliable and safe image-sharing experience.
  • Ensure scalable storage and delivery.

2. Scope & Boundaries

In Scope

  • Upload images from web and mobile clients.
  • Attach images to posts.
  • Image viewing within feeds and post detail pages.
  • Image storage and CDN delivery.
  • Image moderation and validation.

Out of Scope

  • Video uploads.
  • GIF generation/editing.
  • Image editing tools.
  • AI image generation.
  • Private image galleries.

3. Stakeholders & Users

End Users

  • Create image posts.
  • View uploaded images.

Moderators

  • Review reported images.
  • Remove policy-violating content.

Platform Administrators

  • Manage storage, moderation, and compliance.

Engineering Teams

  • Frontend
  • Backend
  • Infrastructure
  • Trust & Safety

4. Agent Overview

Feature Name: Image Uploads

Primary User Goal: Allow a user to publish visual content alongside text.

Core User Journey:

  1. User creates a post.
  2. User selects image(s).
  3. Images upload successfully.
  4. User submits post.
  5. Other users view images.

5. Inputs & Context

User Inputs

  • Image files
  • Post title
  • Post body

Supported Formats

  • JPEG
  • PNG
  • WEBP

Metadata Collected

  • File size
  • Dimensions
  • MIME type
  • Upload timestamp

6. Outputs & Deliverables

User-Facing Outputs

  • Image preview
  • Upload progress indicator
  • Uploaded image within post

System Outputs

  • Stored image asset
  • Thumbnail variants
  • Moderation metadata
  • Audit logs

7. Capabilities & Responsibilities

Feature Capabilities

  • Upload image files
  • Validate file format
  • Generate thumbnails
  • Display images in feeds
  • Retry failed uploads

Responsibilities

  • Prevent unsupported uploads
  • Ensure performant image delivery
  • Maintain image availability

8. Non-Goals & Prohibited Actions

Non-Goals

  • Image manipulation
  • OCR extraction
  • Face recognition

Prohibited Content

  • Illegal content
  • Malware
  • Explicit content violating platform policy

9. Operating Environment

Clients

  • Web
  • iOS
  • Android

Infrastructure

  • Object storage
  • CDN
  • Moderation service
  • Metadata database

10. Tools & Integrations

External Services

  • Cloud object storage
  • CDN
  • Image processing service
  • Content moderation service

Internal Services

  • Authentication service
  • Post service
  • Notification service

11. Knowledge Sources & Data Access

Data Sources

  • User account data
  • Community settings
  • Moderation policies

Access Controls

  • Authenticated uploads only
  • Role-based moderation access

12. Decision-Making Framework

Upload Acceptance Rules

Accept if:

  • User authenticated
  • File format supported
  • File size within limits
  • Malware scan passed

Reject if:

  • Unsupported file type
  • Corrupted file
  • Exceeds size limits
  • Policy violation detected

13. Workflows & Behaviors

Upload Workflow

  1. User selects image.
  2. Client validates file.
  3. Upload begins.
  4. Backend validates upload.
  5. Image stored.
  6. Thumbnails generated.
  7. Moderation checks executed.
  8. Asset URL returned.
  9. User publishes post.

Failure Workflow

  1. Upload fails.
  2. Error displayed.
  3. Retry option offered.

14. Human-in-the-Loop Interactions

User Actions

  • Select images
  • Remove images
  • Retry upload

Moderator Actions

  • Review flagged images
  • Remove content
  • Suspend repeat offenders

15. Safety, Security & Compliance

Security Controls

  • Virus scanning
  • MIME validation
  • Rate limiting
  • Authentication checks

Compliance

  • GDPR support
  • User deletion requests
  • Content takedown processes

16. Error Handling & Recovery

User Errors

  • Unsupported format
  • File too large
  • Network failure

System Recovery

  • Upload retry
  • Resumable uploads
  • Queue reprocessing

17. Memory & State Management

Client State

  • Upload progress
  • Upload queue
  • Draft post state

Backend State

  • Upload status
  • Processing status
  • Moderation status

18. Performance Requirements

Upload Performance

  • Upload initiation < 1 second
  • Progress updates every 500ms

Viewing Performance

  • Thumbnail load < 500ms
  • Feed image load < 2 seconds

Availability

  • 99.9% uptime

19. Monitoring, Logging & Observability

Metrics

  • Upload success rate
  • Upload failure rate
  • Average upload time
  • Storage growth
  • Moderation queue size

Logging

  • Upload events
  • Validation failures
  • Moderation actions

Alerting

  • Elevated upload failures
  • Processing backlog
  • Storage capacity thresholds

20. Evaluation & Success Metrics

Adoption Metrics

  • Percentage of posts containing images
  • Daily image uploads

Engagement Metrics

  • Image post views
  • Upvotes
  • Comments

Reliability Metrics

  • Upload success rate
  • Processing latency

21. Testing & Validation

Functional Tests

  • Supported format uploads
  • Large file uploads
  • Multi-image uploads

Security Tests

  • Malware uploads
  • MIME spoofing
  • Abuse testing

Load Tests

  • Peak upload traffic
  • CDN performance
  • Thumbnail generation throughput

22. Deployment & Operations

Rollout Strategy

  1. Internal testing
  2. Beta communities
  3. Gradual percentage rollout
  4. Full release

Rollback Strategy

  • Disable upload entry points
  • Preserve existing image delivery

23. Governance & Change Management

Ownership

  • Product
  • Platform Engineering
  • Trust & Safety

Change Process

  • Architecture review
  • Security review
  • Capacity review

24. Risks, Assumptions & Dependencies

Risks

  • Storage cost growth
  • Abuse and spam
  • Illegal content uploads
  • CDN outages

Assumptions

  • Users have authenticated accounts
  • Cloud storage available

Dependencies

  • Object storage
  • CDN
  • Moderation platform

25. Open Questions & Future Enhancements

Open Questions

  • Maximum images per post?
  • Maximum file size?
  • NSFW image handling?
  • Community-level upload restrictions?

Future Enhancements

  • Albums
  • Animated GIF support
  • Drag-and-drop uploads
  • Image search
  • AI-assisted moderation
  • EXIF metadata stripping controls

26. Appendix

API Contracts

  • Create Upload Session
  • Complete Upload
  • Delete Image
  • Fetch Image Metadata

Data Model

Image

  • image_id
  • user_id
  • post_id
  • storage_key
  • status
  • width
  • height
  • size_bytes
  • created_at

Key Constraints

  • Max file size: TBD
  • Max images per post: TBD
  • Supported formats: JPEG, PNG, WEBP
  • Moderation required before public visibility: TBD
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment