feat(platform): enforce mandatory governance system prompt

[larryro]

Closes #1171

Summary

• Add a governance system prompt policy that prepends/appends mandatory text to agent instructions, enforced across both the agent chat and OpenAI-compatible API endpoints
• Skip injection for sub-agents (delegation chains) to prevent double-injection
• Add governance settings navigation link, backend query (getSystemPromptPolicyInternal), and en/de i18n strings
• Simplify convex dev script by removing --local --local-force-upgrade flags

Test plan

• Verify governance system prompt prefix/suffix is applied to agent chat responses
• Verify governance system prompt is applied via OpenAI-compatible endpoint
• Confirm sub-agent delegation does not double-inject the governance prompt
• Check governance settings page is accessible from settings navigation
• Validate en and de translations render correctly

Summary by CodeRabbit

Release Notes

• New Features
  • Added a new Governance settings section for managing organization-wide policies.
  • Introduced System Prompt policy management with configurable mandatory prefix and suffix text.
  • Added character count tracking with configurable limits for system prompt policies.
  • Implemented save functionality for governance policy updates.
  • Added full support for German language translations in governance features.

[greptile-apps]

Your free trial has ended. If you'd like to continue receiving code reviews, you can add a payment method here.

[coderabbitai]

📝 Walkthrough

Walkthrough

This PR introduces a governance feature enabling organizations to set mandatory system prompt prefixes and suffixes. Changes include a new "Governance" settings navigation tab, a Convex query (getSystemPromptPolicyInternal) to retrieve organization-scoped system prompt policies, integration into agent generation and OpenAI-compatible chat flows to apply these mandatory prompts, English and German translations for the governance UI, and an update to the dev script's Convex invocation method (removing --local flags).

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Possibly related PRs

• feat(platform): add optimistic messages for existing chat threads #627: Modifies runAgentGeneration in services/platform/convex/lib/agent_chat/internal_actions.ts to add error handling and message-saving behavior alongside system prompt policy application.
• feat: refine dark theme, sidebar styling, and simplify agent selector #809: Modifies spawnConvex() in services/platform/scripts/dev.ts to alter how the Convex dev process is launched and environment handling.

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'feat(platform): enforce mandatory governance system prompt' accurately summarizes the main change: adding governance system prompt enforcement across agent chat and OpenAI-compatible endpoints.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch feat/governance-system-prompt

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@services/platform/convex/openai_compat/internal_actions.ts`:
- Around line 295-311: The governance prompt wrapping logic (checking
systemPromptPolicy, trimming and applying
mandatoryPrefixPrompt/mandatorySuffixPrompt to systemPrompt) is duplicated
between internal_actions.ts and
services/platform/convex/lib/agent_chat/internal_actions.ts; extract that
behavior into a shared helper (e.g., applyMandatoryGovernancePrompts(policy,
systemPrompt): string) and replace the inline blocks that reference
systemPromptPolicy, cfg.mandatoryPrefixPrompt, and cfg.mandatorySuffixPrompt
with calls to this helper so both chat flows use the exact same
trimming/prepend/append semantics and remain synchronized as policy rules
change.

In `@services/platform/messages/de.json`:
- Line 3502: The German translation for the JSON key "suffixDescription"
contains a case error; update its value by replacing "nach die Anweisungen" with
the correct phrase "nach den Anweisungen" so the string becomes "Dieser Text
wird nach den Anweisungen jedes Agents angehängt und kann nicht überschrieben
werden."

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 1e041d81-cb0f-4c73-85d4-21db7d8c1ebd

📥 Commits

Reviewing files that changed from the base of the PR and between 751f4d9 and 1feaaac.

📒 Files selected for processing (7)

• services/platform/app/features/settings/components/settings-navigation.tsx
• services/platform/convex/governance/internal_queries.ts
• services/platform/convex/lib/agent_chat/internal_actions.ts
• services/platform/convex/openai_compat/internal_actions.ts
• services/platform/messages/de.json
• services/platform/messages/en.json
• services/platform/scripts/dev.ts

[coderabbitai]

🧹 Nitpick | 🔵 Trivial

Extract governance prompt wrapping into a shared helper to prevent behavior drift.

The trim/prepend/append logic is duplicated here and in services/platform/convex/lib/agent_chat/internal_actions.ts. Centralizing it in one helper will keep both chat paths behavior-identical as policy rules evolve.

♻️ Suggested direction

-    if (
-      systemPromptPolicy?.enabled !== false &&
-      isRecord(systemPromptPolicy?.config)
-    ) {
-      const cfg = systemPromptPolicy.config;
-      const prefix =
-        typeof cfg.mandatoryPrefixPrompt === 'string'
-          ? cfg.mandatoryPrefixPrompt.trim()
-          : '';
-      const suffix =
-        typeof cfg.mandatorySuffixPrompt === 'string'
-          ? cfg.mandatorySuffixPrompt.trim()
-          : '';
-      if (prefix) systemPrompt = prefix + '\n\n' + systemPrompt;
-      if (suffix) systemPrompt = systemPrompt + '\n\n' + suffix;
-    }
+    systemPrompt = applyMandatorySystemPromptPolicy(
+      systemPrompt,
+      systemPromptPolicy,
+    );

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@services/platform/convex/openai_compat/internal_actions.ts` around lines 295
- 311, The governance prompt wrapping logic (checking systemPromptPolicy,
trimming and applying mandatoryPrefixPrompt/mandatorySuffixPrompt to
systemPrompt) is duplicated between internal_actions.ts and
services/platform/convex/lib/agent_chat/internal_actions.ts; extract that
behavior into a shared helper (e.g., applyMandatoryGovernancePrompts(policy,
systemPrompt): string) and replace the inline blocks that reference
systemPromptPolicy, cfg.mandatoryPrefixPrompt, and cfg.mandatorySuffixPrompt
with calls to this helper so both chat flows use the exact same
trimming/prepend/append semantics and remain synchronized as policy rules
change.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Fix German grammar in suffix description.

Line 3502 uses incorrect case: nach die Anweisungen. It should be nach den Anweisungen.

✍️ Proposed text fix

-      "suffixDescription": "Dieser Text wird nach die Anweisungen jedes Agents angehängt und kann nicht überschrieben werden.",
+      "suffixDescription": "Dieser Text wird nach den Anweisungen jedes Agents angehängt und kann nicht überschrieben werden.",

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	"suffixDescription": "Dieser Text wird nach die Anweisungen jedes Agents angehängt und kann nicht überschrieben werden.",
	"suffixDescription": "Dieser Text wird nach den Anweisungen jedes Agents angehängt und kann nicht überschrieben werden.",

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@services/platform/messages/de.json` at line 3502, The German translation for
the JSON key "suffixDescription" contains a case error; update its value by
replacing "nach die Anweisungen" with the correct phrase "nach den Anweisungen"
so the string becomes "Dieser Text wird nach den Anweisungen jedes Agents
angehängt und kann nicht überschrieben werden."