ArchPilotExecutable architecture guardrails

Search docs

Docs search

Validation rule

Back to Rule Catalog
AP-DQR-004Data & Query Risk

Cross-module direct database access bypasses module boundary

Flags database access that reaches into another module's owned data boundary directly.

warningviolationNo auto-fix

How to fix

  1. Use the owning module's public API or service boundary.
  2. Add a supported read model or event feed.
  3. Document temporary migration exceptions and remove them after the migration window.

What it means

One module appears to read or write another module's database artifacts directly.

Why it matters

Direct data access bypasses module contracts and makes ownership, migration, and policy decisions harder to control.

Common causes

  • A read model was built by querying another module's tables.
  • A migration window introduced temporary direct access.
  • The owning module does not expose a public query/API surface yet.

Example bad pattern

risk imports payments ledger tables directly for scoring.

Example good pattern

risk consumes a payments-owned public query or event projection.

Related files/config

  • .archpilot/architecture.json
  • .archpilot/contracts/*.json

Related CLI commands

  • archpilot validate
  • archpilot validate --ci

Related docs

Rule CatalogDependency Rules & Module ContractsFindings & Exceptions
AP-DQR-004 - Cross-module direct database access bypasses module boundary | ArchPilot Docs