Your team is already using AI to write code. The question is: with a method, or without one?
CRAFT Method is the structured framework — Curate, Refine, Architect, Fortify, Test — that makes AI-native development an organisational capability, not individual chaos.
Five practices — Curate, Refine, Architect, Fortify, Test — that give engineering leaders a repeatable, governable framework to upskill their entire organisation for AI-native software development.
Not another AI tool. Not a prompt library. A complete method that turns AI adoption from individual experimentation into organisational capability.
Every line of AI-generated code passes through the CRAFT pipeline. Curate the context. Refine the spec. Architect within governed patterns. Fortify against AI risk. Test before AI ships.
AGENTS.md is your method as code — the single source of truth your agents, your CI, and your auditors all read. Every team, every repo, every agent: the same context, the same rules, the same governance.
1
# AGENTS.md
2
# Example: the canonical context file CRAFT teaches teams to write
3
4
org: your-organisation
5
default_practice: curate
6
context:
7
codebase: indexed (codebase intelligence)
8
patterns: governed (your ADRs · your standards)
9
ownership: team-map (auto-generated)
10
11
agents:
12
- id: curate.context
13
role: "Curate context AI agents consume"
14
gate: required
15
- id: refine.spec
16
role: "Refine specs before AI generates code"
17
gate: required
18
- id: architect.pattern
19
role: "Architect within governed patterns"
20
gate: required
21
- id: fortify.security
22
role: "Fortify against AI-introduced risk"
23
sast: enabled
24
aibom: required
25
- id: test.coverage
26
role: "Test before AI ships"
27
min_coverage: 0.85
28
29
governance:
30
iso_42001: aligned
31
eu_ai_act: ready
32
audit: continuous
33
▍~90% of engineering teams use AI tools. But without a structured method, AI adoption becomes organisational chaos — vibe coding at scale, ungoverned and unmeasurable.
~90% of engineering teams use AI tools, but only 32% have any formal governance. The other 68% are running AI-assisted development with zero standards, review, or oversight.
Nearly half of AI-generated code introduces security flaws. 72% failure rate for AI-generated Java. Velocity without a method becomes liability — fast.
Scrum standardised agile. Lean standardised manufacturing. Six Sigma standardised quality. There is no standard for AI-native development. Until now.
The problem is not AI adoption. The problem is unstructured AI adoption. Your org needs a method — not more tools.
Each practice builds an organisational capability — not just individual skill. Together, they form a complete method your teams adopt, your leaders govern, and your org scales.
Every developer prompts AI differently — inconsistent results across teams
Codebase intelligence · AGENTS.md · layered context · dev-tool integration — every team feeds AI the same quality of context.
Developers skip requirements — "AI will figure it out." It does not.
Refine specs into machine-parseable predicates before AI generates code. Completeness scoring · edge-case generation · traceability — no code without a validated spec.
AI generates different patterns every prompt — tech debt at AI speed
Pattern libraries · ADRs · multi-agent code review · agentic CI/CD · system topology — AI cannot violate what is enforced.
AI ships vulnerabilities at AI velocity — 45% of AI code fails security tests
Fortify against AI-introduced risk. SAST/DAST/SCA at AI velocity, AIBOMs, slopsquat defense, ISO 42001 / EU AI Act compliance, AI-powered vulnerability remediation.
Coverage flat for AI code — quality cannot keep up with AI velocity
Test before AI ships. AI-generated test coverage, mutation testing, blocking quality gates calibrated for AI velocity, deployment quality measurement, feedback loops back to upstream practices.
Spec-traceable. Pattern-conformant. Agent-reviewed. Scanned. Provenance-tracked. This is what enterprise-grade AI development actually looks like.
function chargeUser(userId, amount) {// TODO: validate amountreturn stripe.charge(userId, amount);}
// spec: BILLING-014 · gated by refine.specfunction chargeUser(userId: string, amount: Money): Promise<Receipt> {assertPositive(amount, "BILLING-014.a1");assertOwned(userId, ctx.tenant, "BILLING-014.a2");return stripe.charge(userId, amount.cents);}
Velocity without governance is liability. CRAFT instruments every practice — so engineering leaders see the same signal their auditors see, and their CFO can defend it.
The difference across your organisation is measurable from day one.
"How do I upskill my entire engineering organisation for AI — without losing quality, governance, or control?"
"I need to transform how my engineering org builds software. But every team is experimenting with AI differently and I have no way to standardise, measure, or govern it."
Standardise AI Development"AI velocity is outpacing our quality controls. We are shipping faster but our testing, security, and architecture governance cannot keep up. I need guardrails that scale."
Scale with Governance"Some of my teams are 10× with AI, others are struggling. I cannot replicate what the good teams are doing because there is no shared method. Everyone is winging it."
Replicate SuccessAssess your AI readiness. Upskill your team in two days. Then embed the method across your entire engineering organisation.
Get a complete x-ray of your engineering org across all 5 CRAFT practices. Data-driven diagnostic that tells you exactly where to focus.
Learn MoreElevate your developers from coders to architects. Day 1: Build trust through bug fixing. Day 2: Build capability through features.
See the WorkshopEmbedded pair programming, coaching, and mentoring. We work alongside your developers until CRAFT is how they naturally work.
Explore the Program25 questions about Curate — the foundation practice of CRAFT Method. Discover if your teams curate the context AI agents consume, or waste time re-explaining every session.
Get your Curate score instantly. See how you compare. Unlock the full 5-practice assessment to find every gap in your AI-native development capability.