Introduction
AIGIS for Obsidian is a focused governance plugin for teams that want local Markdown records for the AI systems, prompts, policies, workflows, skills, and incidents they manage. It is a local governance layer built on top of Obsidian. It does not call model providers, execute prompts, or provide server-side analytics.
AIGIS for Obsidian creates structured notes with consistent YAML frontmatter, keeps a dashboard current, and appends simple audit entries for bootstrap actions and note creation events. Everything it produces is plain Markdown, readable and portable in any text editor.
Who It Is For
AIGIS for Obsidian is well suited for:
- Teams already using Obsidian who want their AI governance records to live alongside their existing knowledge base, in the same format, in the same vault.
- Compliance and governance teams who need local, structured records they can point to when demonstrating AI oversight, without depending on external infrastructure.
- AI practitioners and consultants who manage prompt libraries, workflow documentation, and skill records across multiple clients or projects.
- Small teams and individuals who want structured governance records without standing up a database, a server, or a SaaS subscription.
- Privacy-conscious organizations where all AI governance data must remain on-premises, with no external service dependencies.
What It Provides
| Feature | Description |
|---|---|
| Inventory | Structured records for every AI system your organization operates, with vendor, model, integration type, risk level, owner, and status fields. |
| Prompts | Governed prompt artifacts with version numbers, lifecycle stages, provider, target model, and goal fields. |
| Policies | AI use policy records with version, status, owner, effective date, and review date. The dashboard surfaces policies due for review. |
| Workflows | Approved AI-assisted process documentation with a built-in Mermaid diagram block and human oversight checkpoint field. |
| Skills | Reusable governed agent capabilities with version, team, trigger phrases, and output contract fields. |
| Incidents | Structured incident records with severity, status, linked asset, and summary fields. |
| Dashboard | A live summary note that refreshes when managed notes are created, renamed, or deleted. Links to the audit log and user guide. |
| Audit Log | A plain Markdown log that records bootstrap actions and note creation events with normalized, single-line entries. |
| Side Panel Console | A quick-access creation panel showing module counts and create buttons for all six note types. |
Overview
AIGIS for Obsidian adds a structured governance layer to your vault. It does not modify your existing notes, does not connect to external services, and does not change how Obsidian works. It adds a managed folder, a set of note creation forms, a side panel, a dashboard, and an audit log.
What It Does Not Do
This distinction matters. AIGIS for Obsidian:
- Does not call any model provider or AI API.
- Does not execute prompts or generate AI output.
- Does not send data to external servers or analytics services.
- Does not enforce policies at runtime or check guardrails against live traffic.
It is a record-keeping and documentation tool. The governance value comes from the discipline of maintaining structured, current records, not from automated enforcement.
Key Concepts
| Term | Definition |
|---|---|
| Bootstrap | The action of creating the full AIGIS folder structure, generating the Dashboard and User Guide notes, and appending the first audit entry. Safe to run multiple times; it only creates what is missing. |
| Managed Root | The top-level folder that AIGIS operates in. Defaults to AIGIS/. Configurable in settings. |
| Module | One of the six governed note types: Inventory, Prompts, Policies, Workflows, Skills, or Incidents. |
| Lifecycle Stage | The current state of a prompt: development, staging, or production. |
| Output Contract | The required structure of an agent skill's output, documenting what the skill is expected to return. |
| Audit Entry | A single-line, normalized record in the Audit Log capturing the action type, target, and timestamp. |
Installation
Option 1: Open as a Vault
- Open the
AIGIS-Obsidianfolder as a vault in Obsidian. - Go to Settings → Community Plugins.
- Enable AI Governance and Infrastructure Suite for Obsidian.
- Run AIGIS: Bootstrap governance vault from the command palette.
Option 2: Add to an Existing Vault
- Create the folder
<your-vault>/.obsidian/plugins/aigis-governance/. - Copy
main.js,manifest.json, andstyles.cssinto that folder. - Reload community plugins in Obsidian and enable AI Governance and Infrastructure Suite for Obsidian.
- Optionally change the root folder under Settings → AIGIS Governance.
- Run AIGIS: Bootstrap governance vault from the command palette.
Development Setup
To build from source, navigate to the plugin folder and run:
cd ".obsidian/plugins/aigis-governance"
npm install
npm run devAfter Installation
Once the plugin is enabled and bootstrap has run, your vault will contain the full AIGIS/ folder structure. The dashboard will be populated with counts from each module, and the console panel will be available in the sidebar. You can begin creating governed notes immediately.
Vault Structure
Bootstrap creates the following structure under the configured managed root. By default, the root is AIGIS/.
AIGIS/
|-- Dashboard.md
|-- User Guide.md
|-- Inventory/
|-- Prompts/
|-- Policies/
|-- Workflows/
|-- Skills/
|-- Incidents/
`-- Audit/
`-- Audit Log.mdEach subfolder corresponds to one module. Notes created through AIGIS are placed in the appropriate subfolder. Bootstrap will not overwrite files that already exist, making it safe to run again if the structure is partially missing.
Folder Descriptions
| Folder | Contents |
|---|---|
Inventory/ |
One note per governed AI system or model. The anchor point for all other governance records. |
Prompts/ |
Versioned prompt artifact notes, each with lifecycle stage, provider, target model, and goal. |
Policies/ |
AI use policy notes with effective and review dates, ownership, and status. |
Workflows/ |
Approved AI process notes with a Mermaid diagram and human oversight checkpoint. |
Skills/ |
Reusable agent capability notes with trigger phrases and output contract. |
Incidents/ |
AI incident notes with severity, status, linked asset, and summary. |
Audit/ |
Contains the Audit Log. One append-only Markdown file for all audit entries. |
Inventory
Use Inventory to maintain a formal register of every AI system and model your organization operates. Inventory notes are the anchor records for your governance practice. Every other module references them.
Fields Reference
| Field | Description |
|---|---|
vendor |
The organization or provider operating the model (for example, OpenAI, Anthropic, or an internal team). |
model |
Model name and version string. |
integration_type |
One of api-model, custom-agent, or on-prem. |
risk_level |
One of low, medium, or high. Reflects what data the model processes and what decisions it influences. |
owner |
The responsible team or individual. |
status |
One of active, deprecated, or under-review. |
Vendor, model, and team values are drawn from configurable lists in settings. You can add new values inline from the creation form using the + Add new... option, and they will be available for future notes immediately.
Prompts
Prompt notes track your governed prompt artifacts. Use them to maintain a version-controlled library of the prompts your systems and agents depend on, with clear lifecycle staging so you always know which prompts are in active production use.
Fields Reference
| Field | Description |
|---|---|
version |
Version string. Defaults to 0.1.0. Increment this when the prompt content changes meaningfully. |
stage |
Lifecycle stage. One of development, staging, or production. |
provider |
Provider selected from the managed list in settings. |
target_model |
Target model selected from the managed list in settings. |
goal |
A plain-language description of the intended use for this prompt. |
Lifecycle Stages
Prompts move through three stages. The stage field is informational; AIGIS for Obsidian does not enforce stage transitions automatically, but the structured field gives your team a shared vocabulary for prompt readiness.
- Development - The prompt is being written or revised and is not yet in use by any production system.
- Staging - The prompt is under review or being tested before promotion.
- Production - The prompt is approved and in active use.
Policies
Policy notes capture your organization's AI use rules, boundaries, and review commitments. Use them to document what is and is not permitted, who is responsible for enforcement, and when each policy is due for review.
Fields Reference
| Field | Description |
|---|---|
version |
Version string. Defaults to 1.0.0. |
status |
One of draft, approved, or retired. |
owner |
The team or individual responsible for this policy. |
effective_date |
The date this policy came into effect. |
review_date |
The date this policy is due for review. The dashboard uses this field to surface policies approaching their review date. |
Workflows
Workflow notes document the approved AI-assisted processes your team operates. Each note includes a Mermaid diagram block so you can visualize the process, and a dedicated field for recording where human oversight is required.
Fields Reference
| Field | Description |
|---|---|
owner |
The responsible team for this workflow. |
human_oversight |
A description of where human review or approval is required within this workflow. |
mermaid |
The Mermaid diagram source for visualizing the workflow. The creation form includes a starter diagram. |
Obsidian renders Mermaid diagrams natively in preview mode. The starter diagram provided by AIGIS includes a basic flow structure you can adapt to the specific process you are documenting.
Skills
Skill notes store reusable governed agent capabilities. Use them to maintain a library of the instruction bundles your agents depend on, with version tracking, ownership, and documented expectations for how each skill should behave.
Fields Reference
| Field | Description |
|---|---|
version |
Version string for this skill. |
team |
The team that owns and maintains this skill. |
trigger_phrases |
The phrases or conditions that should invoke this skill. Enter one phrase per line. |
output_contract |
The required structure or content of this skill's output. Documents what callers can expect the skill to return. |
Incidents
Incident notes track AI-related problems from initial report through investigation to resolution. Use them to build an accountable record of what happened, how severe it was, what system it involved, and how it was addressed.
Fields Reference
| Field | Description |
|---|---|
severity |
One of low, medium, high, or critical. |
status |
One of open, investigating, or resolved. |
linked_asset |
A link to the related Inventory record, prompt, workflow, or any other note that is relevant to this incident. |
summary |
A plain-language description of what occurred. |
Dashboard
The dashboard is a Markdown note located at AIGIS/Dashboard.md by default. It is automatically updated whenever managed notes are created, renamed, or deleted.
What the Dashboard Shows
- A count of notes in each module: Inventory, Prompts, Policies, Workflows, Skills, and Incidents.
- Policies that are approaching their review date, drawn from the
review_datefrontmatter field. - Links to the Audit Log and the User Guide.
The dashboard is a live Markdown note. You can open it in any pane and it will reflect the current state of your vault whenever it refreshes. It is regenerated by AIGIS, so edits made directly to Dashboard.md may be overwritten on the next refresh.
Audit Log
The audit log is a plain Markdown file located at AIGIS/Audit/Audit Log.md by default. AIGIS appends an entry to this file whenever a governance action occurs.
Recorded Actions
| Action | Description |
|---|---|
vault.bootstrap |
Recorded each time the bootstrap command is run. Captures the timestamp and the state of the vault structure at that point. |
note.created |
Recorded each time a governed note is created through an AIGIS form. Captures the module, note title, and timestamp. |
Log Format
Each audit entry is normalized to a single line to reduce log-forging risk. The log is append-only by convention; AIGIS does not provide a mechanism to edit or delete entries. You can open and read the file at any time in Obsidian or any text editor.
The audit log is plain Markdown and should be treated as advisory and operational. It is not cryptographically protected or tamper-proof.
Command Reference
All AIGIS commands are available from the Obsidian command palette (Ctrl+P or Cmd+P). Type AIGIS to filter the list.
| Command | Description |
|---|---|
| AIGIS: Bootstrap governance vault | Creates any missing folders and files, refreshes the Dashboard, and appends a vault.bootstrap audit entry. Safe to run multiple times. |
| AIGIS: Open governance console | Opens or focuses the console panel in the sidebar. The panel shows module counts and quick-create buttons. |
| AIGIS: Create Inventory record note | Opens the inventory creation form. |
| AIGIS: Create Prompt note | Opens the prompt creation form. |
| AIGIS: Create Policy note | Opens the policy creation form. |
| AIGIS: Create Workflow note | Opens the workflow creation form, pre-populated with a starter Mermaid diagram. |
| AIGIS: Create Skill note | Opens the skill creation form. |
| AIGIS: Create Incident note | Opens the incident creation form. |
Settings
AIGIS settings are available at Settings → AIGIS Governance.
General
| Setting | Default | Description |
|---|---|---|
| Root folder | AIGIS |
The managed root folder inside the vault. All AIGIS subfolders and notes are created under this path. |
| Audit folder | Audit |
The subfolder under the root where the audit log is stored. |
| Dashboard note | Dashboard.md |
The filename for the dashboard note inside the root folder. |
| Auto-open console | On | When enabled, the governance console panel opens automatically when Obsidian starts. |
Console Visibility
The console can be opened or closed using the AIGIS: Open governance console command. Visibility is also controllable from the settings page. The console panel itself does not include show or hide toggles.
Card Order
The order of module cards in the console can be changed using the arrow buttons in the card order section of settings.
Console Appearance
Console appearance settings control card background color, border styling, spacing, title styling, count styling, description styling, and the create button colors for each module card.
Dropdown Lists
The vendor, model, and team lists used in creation forms are editable in settings. You can also add new values inline from within any creation form using the + Add new... option. New values added inline are immediately saved to the list and available for future notes.
Frontmatter Reference
All notes created through AIGIS include a standard set of frontmatter fields in addition to the module-specific fields described above.
| Field | Description |
|---|---|
aigis_module |
The module type for this note. One of inventory, prompt, policy, workflow, skill, or incident. |
title |
The human-readable title entered in the creation form. |
created_at |
ISO-8601 timestamp written at creation time. |
updated_at |
ISO-8601 timestamp written at creation time. Update this field manually when you make meaningful changes to the note. |
These shared fields make it possible to search or filter across all AIGIS notes using Obsidian's search, Dataview queries, or any other tool that reads YAML frontmatter.
Security Notes
- Filenames are slugified from note titles before being written to disk. This prevents common filename injection patterns.
- Audit entries are normalized to a single line before being appended to the log. This reduces the risk of multi-line log injection.
- Settings-backed paths are sanitized before the plugin uses them to create folders or files.
- The audit log is plain Markdown. It is an operational record, not a cryptographically protected tamper-proof log. Treat it as advisory.
- No external connections are made. AIGIS for Obsidian does not call any external service, API, or server. All data remains on the local machine.
Because all governance data is stored as local Markdown files, access control depends entirely on your operating system file permissions and vault access controls. Protect the vault directory using the same measures you would apply to any sensitive local document store.