v1.0.0 — Open Standard

GxP compliance for
AI‑native development

Drop a GxP.MD file in your project root. Your AI agent handles the rest.

Read the Spec Get Started
GxP.MD
---
gxpmd_version: "1.0.0"
regulatory:
profile: pharma-standard
frameworks: ["21 CFR Part 11", "EU Annex 11"]
risk:
overall: HIGH
artifacts:
engine: rosie
---
# Core Principles
The V-Model is law. Never write code
without a corresponding User Story...

What is GxP.MD?

AI coding agents have no built-in understanding of GxP compliance. When they generate code for pharmaceutical or life sciences projects, they optimize for functionality — not regulatory compliance.

GxP.MD is a portable, agent-agnostic instruction standard. Like CLAUDE.md or .cursorrules but for GxP. The name is a deliberate pun: gxp.md is both this website and evokes the markdown file format.

Place a single GxP.MD file at your project root. Your AI agent — whether Claude, GPT, Gemini, or Copilot — reads it and knows how to maintain compliance through code annotations, enforce quality gates, and generate audit-ready evidence every sprint.

Why GxP.MD?

Annotations-First

Traceability lives in structured code annotations. No separate documentation to maintain. Code and compliance move together.

Gate Enforcement

Pre-commit, pre-merge, and per-release gates enforce compliance. Blocks non-compliant code before it reaches production.

Develop/Harden Modes

Lightweight annotation-driven development. Per-sprint compliance formalization. No separate audit preparation phase.

Risk-Proportionate

Enforcement scales with risk level. HIGH demands full rigor and review. LOW stays lightweight and fast.

Ecosystem

GxP.MD is part of a broader compliance ecosystem for AI-assisted pharmaceutical software development.

GxP.MD

The declarative contract. Defines what compliance means for a project. Lives at project root.

Instruction Layer
ROSIE RFC-001

The artifact standard. Defines how compliance evidence is structured, stored, and signed.

Evidence Layer
Nexus

The validation platform. Consumes GxP.MD contracts and ROSIE artifacts to assess compliance state.

Platform Layer

Built-in Regulatory Profiles

Pre-configured compliance settings for common pharmaceutical and life sciences regulatory frameworks.

Pharmaceutical Standard

pharma-standard

Comprehensive profile for pharmaceutical manufacturing and distribution systems.

Standards

21 CFR Part 11EU Annex 11ICH Q7/Q9/Q10GAMP 5

Medical Device

medical-device

For medical device software lifecycle management and quality systems.

Standards

IEC 62304ISO 13485FDA 21 CFR 820

Clinical Trial

clinical-trial

Clinical trial systems with patient data protection and GCP compliance.

Standards

ICH E6(R2)21 CFR Part 11GDPR

Laboratory

laboratory

Good Laboratory Practice for testing and calibration systems.

Standards

21 CFR Part 58ISO 17025
Compare profiles in detail →

Get Started in 5 Minutes

Download the starter template, choose a regulatory profile, and drop it in your project root.

Getting Started Guide Download Templates