Amit Kothari
Amit Kothari CEO of Tallyfy, AI advisor at Blue Sheen

System prompts that scale across teams

In brief

System prompts are your AI constitution. Agentic AI projects keep getting cancelled over cost, complexity, and risk that trace back to ungoverned prompts. Build hierarchical prompt architectures with version control and tools like MLflow that enable team autonomy while maintaining organizational standards.

What you will learn

  1. Why system prompts need constitutional governance - they define AI behavior boundaries and require the same management discipline as organizational policies

  2. How hierarchical prompt architecture with inheritance patterns lets teams customize while keeping organizational consistency intact

  3. Why cancelled agentic AI projects usually trace back to ungoverned prompts, and how version-controlled prompt workflows keep your team off that list

Getting Claude working perfectly feels like a victory. Marketing loves it. Engineering copies the prompt. Sales tweaks it for their use case. Three months later, nobody can explain why the outputs feel off.

This plays out at almost every mid-size company I work with. And it frustrates me every time. Not because it’s surprising, but because it’s so preventable.

The pattern is sobering: agentic AI projects keep getting cancelled, and the post-mortems rarely blame the model. The acceleration of AI adoption is real. What’s not keeping pace is how teams manage the prompts powering those agents.

Why prompts become a mess so fast

Someone in marketing writes a brilliant prompt. It works. They drop it in Slack. Engineering copies it. Sales modifies it. Product tweaks it for their workflow.

Six versions later, nobody remembers what the original did or why it worked. When something breaks, you’re doing archaeology: reconstructing decisions nobody documented.

That archaeology is how agentic AI projects die: unanticipated cost, complexity, or unexpected risks nobody owns. Turns out, every major analysis keeps landing on the same conclusion. That’s not a technology problem. That’s a governance vacuum.

The moment your second team starts using AI, you need proper system prompt design standards. Not guidelines. Standards.

System prompts as constitutional documents

Four-layer prompt hierarchy: org core inherits to domain to team to user

Think about how constitutional governments work. A foundational document defines the outer limits. Below that, laws. Below laws, policies. Below policies, individual decisions.

That’s exactly how system prompt design should work at scale.

Your organizational AI constitution defines non-negotiable behaviors: tone limits, ethical constraints, data handling rules, response format requirements. These don’t change team to team. Below that, you have domain-specific adaptations. Marketing needs brand voice. Engineering needs technical precision. Sales needs customer focus. All of them inherit from the constitutional layer.

I came across this piece on hierarchical context architecture that explains the pattern well. Multi-level context organization with inheritance. Parent-child propagation with selective overrides. Scope isolation with access controls.

Sounds complex? It isn’t. It’s just treating your prompts like code instead of comments. The foundational skills for writing effective prompts still apply at every layer.

The practical structure has four layers. Layer 1: Organizational core. Non-negotiables across all teams: security protocols, compliance requirements, brand fundamentals. Every team inherits these automatically. Layer 2: Domain templates. Each domain starts from the core and adds specific context. Layer 3: Team customizations. Teams can modify within their domain limits, but can’t override the core or violate domain constraints. Layer 4: User adaptations. Tactical adjustments within defined limits.

There’s a framework on prompt design patterns that breaks down five specific approaches: Chain-of-Thought structures, role-based templates, requirements analysis frameworks, example-based patterns, and multi-agent prompt systems. What makes these work is modularity. Each component has a single responsibility. Teams swap components without breaking the system.

The alternative is what most companies do. Monolithic prompts. Copy-paste chaos. Zero reusability. Complete brittleness the moment you try to grow past one team.

Version control or version chaos

You wouldn’t push code to production without version control. So why do it with prompts?

Prompts need the same care normally applied to application code. A whole tool category now exists for exactly this: versioning, testing, proper deployment processes.

Every system prompt gets a version number. Tom Preston-Werner’s semantic versioning works well: major.minor.patch. Breaking changes increment major. New features increment minor. Bug fixes increment patch. Every change gets documented: what changed, why, who approved it, what testing was done.

Every version lives in a centralized registry. MLflow 3’s Prompt Registry now includes auto-optimization using evaluation feedback and labeled datasets, while tools like PromptLayer and Helicone add A/B testing, rollback capabilities, and a tracked history of every prompt change.

Before any prompt goes organization-wide, it gets tested. Not in production. In staging. With real workflows. Measured outcomes.

This sounds like overhead. It isn’t. When AI agents run multi-step workflows, error rates compound exponentially: 95% reliability per step yields only 35.8% success over 20 steps (that’s just 0.95^20). Which is a nightmare, frankly. Preventing that compounding is far less painful than debugging mysterious failures across ten teams at once.

Need help making this real in your firm? That’s what Blue Sheen does.

Making governance practical

The word “governance” makes people think committees and approval chains. That’s not what I’m describing. Will it slow teams down? No.

Structure that enables autonomy. Clear limits that let teams move fast without breaking things.

Enterprise governance frameworks emphasize creating a cross-functional center of excellence: not to control everything, but to coordinate effectively. Core prompts require central approval. Domain templates need domain leader approval. Team customizations stay within team authority. What turns this from bureaucracy into enablement? Clear decision rights. Fast approval loops. Automated validation where possible.

The teams building modular prompt architecture figured this out. Break monolithic prompts into small, task-based components. Each team owns their modules. The central team owns the router. Suddenly you get consistency and flexibility without sacrificing either.

Let me be straight about failure modes. I’ve probably missed a few, but these are the ones I keep seeing. Political resistance kills this when you can’t show clear benefit quickly. You need quick wins and measurable quality gains before teams will trust central standards. Technical complexity is a real barrier: if your teams are copy-pasting prompts in ChatGPT, they aren’t ready for hierarchical architecture yet. You need real infrastructure. Centralized prompt registries solve this at scale, and 89% of organizations have already implemented observability for their agents. Prompt governance is catching up. Maintenance burden is real: someone has to own the core layer, review changes, maintain the registry. Don’t resource it properly and it becomes shelfware. Cultural mismatch might be the hardest one. This works in organizations that already do code review, documentation, and structured deployment. If your culture is “move fast and break things,” you’ll fight this system constantly.

The answer isn’t to abandon governance. It’s to right-size it for your maturity level.

For Claude specifically, the cross-surface version of this problem has a known shape. See the 4-track CLAUDE.md propagation architecture for how to land one source of truth in Claude Code, Claude Desktop, claude.ai web, and Cowork at the same time.

(June 2026 note: the “treat prompts like reusable code modules” idea now has a native mechanism. Anthropic’s Agent Skills are folders of instructions and scripts loaded on demand across the Claude apps, Claude Code, and the API, with org-wide management since December 2025. That maps almost exactly onto the modular, inheritable layers below. The governance argument is unchanged. You now have a first-class place to put the modules.)

Where to start

Create one shared system prompt that everyone inherits from. Keep it minimal. Security requirements. Basic tone guidelines. Critical constraints. That’s it.

Set up version control. Linus Torvalds’ Git works fine, and dedicated tools like Langfuse or Helicone add prompt-specific versioning and evaluation on top. Require pull requests for changes to the shared core.

Document decisions. Not extensively. Just enough that someone can understand why, six months later.

When teams want customization, make them propose it as a module. Reusable. Testable. Documented. Measure what happens: response quality, consistency, time saved through reuse. Use actual outcomes to make the case for more structure over time.

This isn’t about perfect governance on day one. It’s about preventing the chaos that kills AI initiatives the moment they grow past one team.

System prompt design is infrastructure work. Treat it that way.

About the Author

Amit Kothari is an experienced consultant, advisor, coach, and educator specializing in AI and operations for executives and their companies. With 25+ years of experience, he is the Co-Founder & CEO of Tallyfy® (raised $3.6m, the Workflow Made Easy® platform) and Partner at Blue Sheen, an AI advisory firm for mid-size companies. He helps companies identify, plan, and implement practical AI solutions that actually work. Originally British and now based in St. Louis, MO, Amit combines deep technical expertise with real-world business understanding. Read Amit's full bio →

Disclaimer: The content in this article represents personal opinions based on extensive research and practical experience. While every effort has been made to ensure accuracy through data analysis and source verification, this should not be considered professional advice. Always consult with qualified professionals for decisions specific to your situation.

Related Posts

View All Posts »
Your locked-down Claude sandbox is a holding pattern, not a destination

Your locked-down Claude sandbox is a holding pattern, not a destination

Giving everyone Claude inside an isolated VM, no sensitive data allowed, feels like the safe way to start. It is a fine way to start. The trouble is what happens when you leave people there: the leak it was built to stop walks out by copy-paste anyway, the friction recruits the shadow AI you were trying to prevent, and the value never compounds because nothing in an ephemeral box survives the session. A sandbox is a scaffold. Scaffolds come down.

An MCP server is unreviewed code with your file system in scope

An MCP server is unreviewed code with your file system in scope

Treat every MCP server as untrusted code that runs with the access your agent has, because that is what it is. Anthropic docs say the directory lists connectors but does not security-audit them. A registry of approved servers with nothing enforcing it is a memo. The control that binds is a managed allowlist matched by URL or command, never by name.

Your Claude Code deny rules are not a security boundary

Your Claude Code deny rules are not a security boundary

Before you hand Claude Code to hundreds of people you add deny rules for .env and credentials and feel locked down. You are not. Those rules govern Claude own tools, not a Python one-liner that opens the same file, and the control that actually holds, the OS sandbox, reads your whole machine by default and fails open when it cannot start. The baseline worth setting is real. Its dangerous gaps are the defaults you never changed.

You are at phase zero, and the deck you were sold starts at phase three

You are at phase zero, and the deck you were sold starts at phase three

Every enterprise AI maturity model starts a rung above where most companies stand and skips the one that holds the rest up: getting the tool safely into people hands. Your team already has Claude. If IT cannot produce the tenant policy, the egress allowlist, the tool allowlist, and the audit log, you are at phase zero, whatever the deck says.

Your AI context layer is only half a brain

Your AI context layer is only half a brain

An AI context layer feeds every model one governed source of company truth, and DataHub and Atlan will sell you that read half today. The half that notices when a person did not get what they wanted, the re-ask nobody logged, is what turns a knowledge store into a brain.

Your AI has no whoami

Your AI has no whoami

Every enterprise AI platform resolves what you can access through SSO and SCIM. None of them load your team instructions from who you are. Claude gives admins one 3,000-character field for everyone. Microsoft Copilot reads your permissions but not your team playbook. Here is the gap and what works today.

AI advisory services via Blue Sheen.
Contact me Follow 10k+