| title |
Start Here |
| sidebar_label |
Start Here |
| sidebar_position |
0 |
| description |
Reading order index for Stave documentation. |
This page provides a recommended reading order for understanding Stave. Start with the sections that match your role.
| Order |
Document |
What You'll Learn |
| 1 |
README |
What Stave does, quickstart, CLI commands |
| 2 |
Security Guarantees |
Every guarantee: offline, no-creds, determinism, no-exec, filesystem safety |
| 3 |
Scope and Limits |
What Stave does and does not do |
| Order |
Document |
What You'll Learn |
| 4 |
Threat Model |
Assets, trust boundaries, attacker profiles, controls, residual risks |
| 5 |
Execution Safety |
No-exec guarantees: banned imports, closed DSL, no plugins |
| 6 |
Data Flow and I/O |
Per-command I/O model, permission policy, overwrite protection |
| 7 |
Release Security |
How releases are built, signed, and verified |
| 8 |
Verify a Release |
Step-by-step verification commands |
| Order |
Document |
What You'll Learn |
| 9 |
Architecture Overview |
Pipeline, package map, trust boundaries, command routing |
| 10 |
Stability and Versioning |
Schema stability, exit codes, dependency pinning |
| 11 |
Docs-As-Code |
Docs source of truth, generation, CI validation, publishing workflow |
| 12 |
Observation Schema |
obs.v0.1 field reference |
| 13 |
Output Schema |
out.v0.1 evaluation output contract |
| 14 |
Control Schema |
ctrl.v1 field reference, operator table |
| 15 |
Authoring Controls |
How to write, test, and review custom controls |
| 16 |
CONTRIBUTING.md |
Dev setup, testing, PR process |
Self-contained scenarios you can run immediately after building Stave:
If a task intent is missing (for example, an "I want to ..." item), submit a docs suggestion:
https://github.com/sufield/stave/issues/new?template=docs_feedback.yml&title=docs%3A%20missing%20intent%20-%20