NIST AI RMF MAP.4 + MEASURE.2.6 · EU AI Act Art 50 · ISO/IEC 42001 §6.2 · OWASP LLM Top-10 · Deep Prototype

PromptGovernance — Internal LLM Prompt Registry

24 production prompts × owner + version + model + eval link + change log + safety review. Per prompt: system message, allowed inputs, banned outputs, kill-switch flag. Surfaces 4 prompts without current eval + 2 orphan prompts inherited from former employee + 3 prompts with safety review overdue + 1 prompt without a kill-switch.

What it is

The shape behind every healthy AI-product team. Most companies build LLM features fast; the prompts accumulate; nobody knows who owns each one; safety reviews lapse; eval coverage drifts. PromptGovernance prototypes the registry that prevents that.

What’s in it

  • 24 production prompts across customer support, marketing, sales, dev-tools, BI, growth, retention, internal ops.
  • Per-prompt 9-field shape:
    • Surface (where it runs — customer support / dev-tools / etc.)
    • Model bound + version + last changed
    • Owner (or “(orphan)”)
    • Eval last run + pass rate (links ModelEvalPanel)
    • Safety reviewed at + cadence cap
    • Kill-switch wired (feature flag)
    • System message (verbatim)
    • Allowed inputs / banned outputs explicit
    • Notes + cross-references
  • Worst-offender findings:
    • PG-020 + PG-021 — ORPHAN prompts inherited from ex-employee. Last updated 420 days ago. KILL or take over.
    • PG-016 tax-line-explainer — eval AND safety review both overdue (180d).
    • PG-007 release-notes-generator + PG-023 dashboard-narrative — safety review overdue.
    • PG-014 sentiment-classifier — explicitly notes “do NOT use this to time upsells (see WaitlistEthics EX-015)”, which keeps a future team member from making the same mistake.
  • Cross-tool callbacks — every prompt references ModelEvalPanel coverage; the cancellation-flow helper links to WaitlistEthics EX-006 (FTC click-to-cancel); the SQL-translator links to PenTestFindings PT-002; the privacy-questionnaire-prefiller links to TrustCenter SIG.

Why this shape

NIST AI RMF MAP.4 (system governance) + MEASURE.2.6 (ongoing testing) demand the registry. EU AI Act Art 50 (transparency) requires disclosure of AI systems to users. ISO/IEC 42001 §6.2 (AI management system) demands documented prompt + safety governance. OWASP LLM Top-10 demands eval coverage. PromptGovernance prototypes the gate that surfaces orphans + stale evals + missing kill-switches before they cause incidents.

How it ships

Single HTML file, ~19KB. Zero dependencies. 24 prompts × 9-field shape + status classifier in 220 lines of vanilla JavaScript.
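
The status classification described above, as an added example that is not the tool's own source. Field names, the 90-day eval window, the severity weights and the sample records are assumptions made for illustration.

```javascript
// Added example: not PromptGovernance's code. Field names, thresholds and
// weights below are assumptions; the page does not publish its schema.
const DAY_MS = 24 * 60 * 60 * 1000;
const EVAL_MAX_AGE_DAYS = 90; // assumed policy window for "current eval"

function daysSince(isoDate, now) {
  if (!isoDate) return Infinity; // never run or never reviewed counts as overdue
  const t = Date.parse(isoDate);
  return Number.isNaN(t) ? Infinity : Math.floor((now - t) / DAY_MS);
}

// Returns the governance findings for one registry record.
function classifyPrompt(p, now) {
  const findings = [];
  const owner = (p.owner || "").trim();
  if (owner === "" || owner === "(orphan)") findings.push("ORPHAN");
  if (daysSince(p.evalLastRun, now) > EVAL_MAX_AGE_DAYS) findings.push("EVAL_STALE");
  if (daysSince(p.safetyReviewedAt, now) > p.safetyCadenceDays) findings.push("SAFETY_OVERDUE");
  if (p.killSwitchFlag == null || p.killSwitchFlag === "") findings.push("NO_KILL_SWITCH");
  return findings;
}

// Gate: only flagged prompts, worst first (orphans and missing kill-switches on top).
function auditRegistry(prompts, now) {
  const weight = { ORPHAN: 8, NO_KILL_SWITCH: 4, SAFETY_OVERDUE: 2, EVAL_STALE: 1 };
  return prompts
    .map((p) => ({ id: p.id, findings: classifyPrompt(p, now) }))
    .filter((r) => r.findings.length > 0)
    .map((r) => ({ ...r, score: r.findings.reduce((s, f) => s + weight[f], 0) }))
    .sort((a, b) => b.score - a.score || a.id.localeCompare(b.id));
}

// Constructed sample records (EX-nnn IDs are placeholders, not the page's PG-nnn entries).
const NOW = Date.parse("2025-06-30T00:00:00Z");
const SAMPLE = [
  { id: "EX-001", owner: "support-team", evalLastRun: "2025-06-01", safetyReviewedAt: "2025-05-01", safetyCadenceDays: 180, killSwitchFlag: "ff.ex001" },
  { id: "EX-002", owner: "(orphan)", evalLastRun: "2024-05-06", safetyReviewedAt: "2024-05-06", safetyCadenceDays: 180, killSwitchFlag: "ff.ex002" },
  { id: "EX-003", owner: "finance-eng", evalLastRun: "2024-12-01", safetyReviewedAt: "2024-12-01", safetyCadenceDays: 180, killSwitchFlag: "ff.ex003" },
  { id: "EX-004", owner: "growth", evalLastRun: "2025-06-10", safetyReviewedAt: "2025-04-01", safetyCadenceDays: 180, killSwitchFlag: null },
  { id: "EX-005", owner: "bi", evalLastRun: "2025-06-10", safetyReviewedAt: null, safetyCadenceDays: 180, killSwitchFlag: "ff.ex005" },
];

console.log(auditRegistry(SAMPLE, NOW));
```

Treating a missing date as infinitely old makes a prompt that was never evaluated or never reviewed fail the gate instead of passing it silently.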
