惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

T
Threatpost
The Hacker News
The Hacker News
AWS News Blog
AWS News Blog
Spread Privacy
Spread Privacy
T
Tenable Blog
C
CERT Recently Published Vulnerability Notes
Cisco Talos Blog
Cisco Talos Blog
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
S
Securelist
P
Privacy & Cybersecurity Law Blog
Know Your Adversary
Know Your Adversary
T
The Exploit Database - CXSecurity.com
Latest news
Latest news
D
Darknet – Hacking Tools, Hacker News & Cyber Security
I
Intezer
F
Fortinet All Blogs
Engineering at Meta
Engineering at Meta
Simon Willison's Weblog
Simon Willison's Weblog
The Register - Security
The Register - Security
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
L
Lohrmann on Cybersecurity
C
Cyber Attacks, Cyber Crime and Cyber Security
Microsoft Azure Blog
Microsoft Azure Blog
P
Proofpoint News Feed
H
Help Net Security
T
Threat Research - Cisco Blogs
D
DataBreaches.Net
S
Schneier on Security
Cyberwarzone
Cyberwarzone
Google DeepMind News
Google DeepMind News
P
Privacy International News Feed
S
Secure Thoughts
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
Recorded Future
Recorded Future
C
Cybersecurity and Infrastructure Security Agency CISA
MyScale Blog
MyScale Blog
M
MIT News - Artificial intelligence
Stack Overflow Blog
Stack Overflow Blog
IT之家
IT之家
人人都是产品经理
人人都是产品经理
NISL@THU
NISL@THU
博客园 - Franky
T
Tor Project blog
G
GRAHAM CLULEY
博客园 - 【当耐特】
Jina AI
Jina AI
Security Archives - TechRepublic
Security Archives - TechRepublic
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
A
About on SuperTechFans
Hacker News - Newest:
Hacker News - Newest: "LLM"

Hacker News - Newest: "AI"

AI can't read an investor deck AI as an attorney? Student uses ChatGPT, Gemini to sue UW over alleged racial discrimination Hacking MCP Servers in AI Systems – The Rug Pull: Tool Changes After Approval GitHub - MeepCastana/KubeezCut: Free Web based video editor GitHub - GenAI-Gurus/awesome-eu-ai-act: Curated tools, official sources, OSS, templates, and guides for EU AI Act compliance. Can AI judge journalism? A Thiel-backed startup says yes, even if it risks chilling whistleblowers Coming soon: 10 Things That Matter in AI Right Now DARPA built an AI to fact-check enemy weapons claims What explains heterogeneity in AI adoption? When AI Meets Muscle: Context-Aware Electrical Stimulation Promises a New Way to Guide Human Movements - Department of Computer Science AI Changed How We Build. It Did Not Change What Matters. Linux rules on using AI-generated code - Copilot is OK, but humans must take 'full responsibility for the… Meta spins up AI version of Mark Zuckerberg to engage with employees Code Mode: Let Your AI Write Programs, Not Just Call Tools | TanStack Blog GitHub - Delavalom/graft: Go framework for building AI agents. Type-safe tools, multi-provider (OpenAI, Anthropic, Gemini, Bedrock), zero vendor SDKs. India's TCS tops estimates, says new AI models did not dent services demand Gen Z's fading AI hype Strong feeling: we are in a folded AI reality GitHub - machinarii/total-recall-catalog: A reference catalog of latest knowledge retrieval, memory & RAG systems GitHub - mensfeld/code-on-incus: Give each AI agent its own isolated machine with root, Docker, and systemd. Active defense detects and stops threats automatically.. Quantization, LoRA, and the 8% Problem: Benchmarking Local LLMs for Production AI Iran war: We spoke to the man making Lego-style AI videos that experts say are powerful propaganda Powell, Bessent discussed Anthropic's Mythos AI cyber threat with major U.S. banks GitHub - immartian/bellamem: Persistent belief-graph memory for AI agents. Retrieves decisive context by importance — not recency, not RAG, not /compact. recursive-mode: The Repo-Native Operating System for AI Engineering After the attack on Sam Altman's home, will AI CEO's go on the offensive? The biggest advance in AI since the LLM Opus 4.6 vs GPT 5.4 One Prompt Unity World Generation Test “AI polls” are fake polls Client Challenge Can AI be a 'child of God'? Inside Anthropic's meeting with Christian leaders How to Switch AI Chatbots and Why You Might Want To GitHub - MattMessinger1/agentic_refund_guardrail: Safe refund policy layer for AI agents — Python + TypeScript. Same behavior, shared tests. Adam/papers/emergent_values_whitepaper.md at master · strangeadvancedmarketing/Adam Ask HN: How do you stop playing 20 questions with your AI coding tools How far can automation and AI support psychotherapy? - @theU GitHub - stagas/rtdiff: realtime git diff gui and AI-assisted commits A Mac Studio for Local AI — 6 Months Later A History of the Early Years of AI at the University of Edinburgh Why AI Coding Tools Still Feel Stuck on Localhost MSN AI Datacenters Are Becoming Strategic Targets twitter.com Penn Researchers Use AI to Surface Unreported GLP-1 Side Effects in Reddit Posts Show HN: MoodSense AI (ML and FastAPI and Gradio, Deployed on Hugging Face) Moodsense Ai - a Hugging Face Space by aman179102 AI models are terrible at betting on soccer—especially xAI Grok GitHub - xialeistudio/echoic GitHub - HimashaHerath/github-dev-wrapped: AI-powered weekly GitHub activity reports deployed to GitHub Pages GitHub - alejandrobalderas/claude-code-from-source: Architecture, patterns & internals of Anthropic's AI coding agent — reverse-engineered from source maps AI and Tech brief: Ireland ascendant GitHub - Titovilal/context0: Context0 - Never Surrender Training for a Marathon with an AI Coach: What Worked and What Didn't Cyber Pulse: Agentic Intel - Apps on Google Play I Built an AI PR Reviewer That Catches Bugs by Not Looking for Bugs Gen Z workers are so fearful AI will take their job they’re intentionally sabotaging their company’s AI rollout | Fortune How AI Is Reimagining the Game of Golf–For Both Players and Courses GitHub - nattergabriel/reseed: A CLI tool for managing and distributing agent skills across projects Is SVG the final frontier? My AI workflow evolved from prompts to a near-autonomous workflow MLSharp Help - 3DGS Viewer & Generator I put my cognitive field based AI's runtime on GitHub Is Numble the first AI-proof game? A3: Kubernetes for autonomous AI agent fleets | Emergent Principles Deepali Vyas ("The Elite Recruiter") GitHub - msmarkgu/RelayFreeLLM: A restful API designed to route user prompts to various AI model providers. Unionized ProPublica staff are on strike over AI, layoffs, and wages Unleashing the Advantage of Quantum AI We're heading for an AI-fueled 'dementia crisis,' brain scientist warns The AI-Assisted Breach of Mexico's Government Infrastructure [pdf] GitHub - stef41/lmscan: 🔍 Detect AI-generated text and fingerprint which LLM wrote it. Open-source GPTZero alternative. Zero dependencies, works offline. MSN GitHub - visionscaper/collabmem: Enabling long-term collaboration with Agentic AI - building up episodic and world model memory over time with in-context awareness We gave an AI a 3 year retail lease in SF and asked it to make a profit | Andon Labs AI Code is Hollowing Out Open Source, and Maintainers are Looking the Other Way What leaked "SteamGPT" files could mean for the PC gaming platform's use of AI AI is the boss at this retail store. What could go wrong? GitHub - Wuzu11517/agentic-proxy: Local proxy meant to help reduce With Drones, Geophysics and ArtificiaI Intelligence, Researchers Prepare to Do Battle Against Land Mines A Single Operator, Two AI Platforms, Nine Government Agencies: The Full Technical Report 在 Steam 上购买 FriedrichAI: Offline AI 立省 10% GitHub - inevolin/resume-cli: Hit Claude usage limits? Resume any AI coding session elsewhere. Switch tools at zero friction. GitHub - atripati/ark: AI Runtime Kernel — a context operating system for AI agents. Eliminates tool bloat, loads only what’s needed, and gives LLMs their reasoning space back. How to Build a Secure AI PR Reviewer with Claude, GitHub Actions, and JavaScript This Startup Wants You to Pay Up to Talk With AI Versions of Human Experts Intel Arc Pro B70 Brings 32GB VRAM to Local AI for $949 WordPress 7.0: The Good, the AI, and the Still Missing AI on the couch: Anthropic gives Claude 20 hours of psychiatry IatroBench: Pre-Registered Evidence of Iatrogenic Harm from AI Safety Measures AI Agents Know About Supabase. They Don't Always Use It Right. The history and future of AI at Google, with Sundar Pichai Inside an AI‑enabled device code phishing campaign How Meta Used AI to Map Tribal Knowledge in Large-Scale Data Pipelines AI for Systems: Using LLMs to Optimize Database Query Execution Forecasting the Economic Effects of AI Introducing Tinker: Play with AI, bring your ideas to life AI sheds light on an ancient gaming mystery People really hate AI but not as much as Iran—or Democrats | Fortune What is an AI Product Engineer? Phoebe Gates wants her $185 million AI startup to succeed with 'no ties to my privilege or my last name': 'I have a chip on my shoulder' | Fortune
GitHub - dshakes/compass: Developer-grade Claude Code + Codex configuration: cost-tiered subagents, workflow commands, guardrail hooks, MCP parity, and an installable plugin/marketplace.
chandu1221 · 2026-06-22 · via Hacker News - Newest: "AI"

Guardrails and a hard budget cap for your AI coding agent.

budget gate · guardrails 100/100 · ~61% cheaper routing · signed releases · 100% local · no telemetry · you always merge

ci release license: MIT Claude Code Codex Gemini status: alpha

Real Claude Code session with COMPASS_MAX_USD=0.05: 'run ls' executes while session cost climbs $0.09 → $0.35, then 'run git log' is BLOCKED — 'Budget ceiling reached: this session has spent ~$0.35, at or over your $0.05 cap. Stopping before it spends more.'

Real session, no edits: the cost climbs to $0.35, then the next action is HALTED at the $0.05 cap — before it spends more.

compass is a local-first config layer for Claude Code, Codex & Gemini that stops your agent from doing three things it shouldn't — burning your budget, running unsafe commands, and merging unverified code. Set COMPASS_MAX_USD=5 and the session hard-stops at the cap; catastrophic commands are blocked before they run, and the guardrail policy is scored 100/100 in CI — not asserted. You install it once, and you always merge.

# no curl|sh, fully reversible — then just open any repo in your agent
git clone https://github.com/dshakes/compass ~/compass && cd ~/compass && ./quickstart.sh
# or, inside Claude Code:   /plugin marketplace add dshakes/compass

▶ See it work  ·  Why it's different  ·  The self-fixing PR loop  ·  Install  ·  What's in the box  ·  📚 Docs


⭐ The part people screenshot: it fixes its own PRs.

Open a pull request and compass reviews it, security-checks it, runs the tests, cross-audits it with a second model — then pushes its own fixes until it's green. You just merge.

The idea in one line: the loop is the unit of work. A one-shot agent stops at its first wrong answer. compass loopsgenerate → test → critique → fix → repeat against a gate — so quality comes from iteration, not one lucky prompt. The same closed loop runs a single PR, or your whole fleet of repos overnight. (Try it locally in 30s, no tokens — watch it ↓.)


Why it's different — measured, not vibes

Every AI-agent config claims "safe" and "cheap." compass is the one that hands you the number — and lets a skeptic reproduce it in 30 seconds. Everyone has the same models; the edge is configuration you can trust, not another feature list. Four claims, four commands:

🛡 Guardrails with a score. Catastrophic commands and secret writes are blocked before they run — and the policy is eval-gated, not asserted. (In human terms: it won't let the agent delete your machine or leak your keys, and it can prove how well.)

compass bench     # → guardrail 100% precision/recall (61-case corpus), router 96.9% — in CI
# then ask the agent to `rm -rf /` or write a .env → denied; `rm -rf ./build` → allowed

📉 Cost routing that's measured. Cheap work goes to cheap models — scored against an eval set, ~61% cheaper than all-Opus at ~98% quality on a fair mix. (In human terms: it stops paying Opus prices to fix a typo.)

compass route "redesign the auth model"   # → opus
compass route "fix a typo"                 # → haiku

💸 A budget ceiling that actually stops it. Usage trackers report spend; compass enforces it — set a dollar cap and the session is halted before the next tool call once it's reached, live. (In human terms: an agent can't quietly run up a $40 bill while you're away — it stops at your number.)

export COMPASS_MAX_USD=5     # this session hard-stops at $5 — the agent is blocked, not just warned
compass spend --max-usd 5    # the same ceiling on the ledger, for scheduled / fleet runs

🔏 Supply chain you can verify. Releases carry keyless SLSA provenance, so a tampered or look-alike download is rejected. (In human terms: you can prove the code you installed is the code I shipped.)

compass verify v0.17.2     # → ✓ provenance verified

🧪 Red-team resistance, measured. Prompt-injection (direct/indirect/paste), CLAUDE.md poisoning, local safety-override, malware & insecure-code — scored against a labeled corpus that gates in CI, with optional escalation to a managed guardrails service (webhook · Bedrock · Azure). (In human terms: a poisoned repo or web page can't quietly turn your agent against you.)

compass redteam   # → injection corpus 100% P/R, then scans THIS repo's CLAUDE.md/MCP/settings

compass red-team layer: untrusted input (prompt/paste · web/MCP/tool output · CLAUDE.md/AGENTS.md · .claude/settings.json) → decode & normalize (base64/zero-width/homoglyph/leet) → detectors (injection · context-poisoning · safety-override · malware · insecure-code · prompt-leak), eval-gated 100% P/R → warn+audit / block / optional webhook·Bedrock·Azure → human merge gate.

No service, no telemetry, no --dangerously-skip-permissions; git pull to update. The work it can't safely own, it hands back — you keep the merge.


See it work

Smallest leap of faith first — the governance moment, then feel it, then see the proof, then see how it works.

0 · The budget ceiling, annotated — the same hard-stop as the hero clip, as a clean walkthrough ($1.80 ✓ → $4.10 ✓ → $5.00 HALTED). Usage trackers report spend; compass enforces it:

Terminal demo: with COMPASS_MAX_USD=5, the agent's actions are checked against the cap live — $1.80 allowed, $4.10 allowed, then at $5.00 the next action is HALTED (red) before it spends more. Usage trackers report spend; compass enforces it.

1 · The day-to-day feel — guardrails, the cost-aware status line, the loop, and the crew, in ~25 seconds:

Terminal demo: compass blocks 'rm -rf /' (red) while 'rm -rf ./build' is allowed (green), shows the cost-aware status line, then the autonomous PR loop — review · security · tests · Codex audit → BLOCKING auto-fixes on the branch and re-reviews → CLEAN → you merge.

2 · The headline, on a real PR — a Blocking bug and red tests, and it pushes its own fix until the PR is green (then waits for you):

Real screen recording of the loop on a live PR: the Reviewer posts Blocking findings and labels agent:needs-fix → the Builder pushes 'fix: correct off-by-one' to the PR's own branch → re-review goes clean and agent:reviewed-clean replaces agent:needs-fix. No human touched it; the merge stays yours.

3 · How that loop works — review · security · tests · Codex cross-audit run in parallel; Blocking findings get auto-fixed and re-reviewed (round-capped) until green, then it stops at you:

Autonomous SDLC loop: push a PR → Reviewer, Auditor (Codex), Security, QA run in parallel → BLOCKING labels agent:needs-fix → the Builder fixes on the branch and pushes → re-review (round cap ×3) → CLEAN → checks green → human merge gate → you merge.

Run it locally in 30s with ~/compass/sdlc/orchestrate.sh "<task>" (no tokens), or wire the GitHub loop for every PR. → how it works · reproduce it

And the everyday status line quietly keeps score, so you watch it earn its keep:

Opus 4.8 · myrepo · main* · 45k ctx · $1.23 · 🧭 🛡1 🧹2 💡1 📉~$1.65

session spend, then today's compass activity: 🛡 footguns blocked · 🧹 files formatted · 💡 policy nudges · 📉~$ estimated saved vs all-Opus. Each piece shows only when there's something to report; nothing leaves your machine.


Loops all the way up

Autonomy here isn't one big magic button — it's the same closed loop applied at four scales. Each runs until a gate says "done," then stops at a human. That's the whole trick: iteration under a gate beats a single confident guess.

Loop What it drives Where it stops
🔁 The task loop generate → test → critique → fix → repeat — one change driven to green when tests + review pass
🔎 The review loop review → auto-fix the Blocking findings → re-review, round-capped (×3) hands off to a human if still red
🛰️ The fleet loop the whole pipeline, scheduled across every repo you own, overnight, test-gated a PR per repo, approve from your phone
👥 The workflow loops parallel agents that fan out, fact-check each other, and converge one synthesized answer

Every loop ends the same way — you merge. That gate never moves.

The fleet: a scheduler fans governed agents across many repos in parallel; each runs the review → test → fix loop on its own branch, opens a PR, and waits at the human approval gate — approvable from your phone.


Prerequisites — what you need (and what you don't)

You want… You need Tokens?
The config, guardrails, CLI, subagents (local) Claude Code (or Codex/Gemini) + git None
The autonomous PR loop (GitHub Actions) A repo with Actions + gh, model auth (CLAUDE_CODE_OAUTH_TOKEN or ANTHROPIC_API_KEY), and SDLC_BOT_TOKEN (fine-grained PAT) so the loop can chain Yes
Keyless loop (self-hosted runner) A runner labeled compass + SDLC_BOT_TOKEN PAT only
The fleet (every repo) FLEET_TOKEN + FLEET_MAINTAINER Yes

One command wires the GitHub loop: ~/compass/sdlc/setup.sh --all (labels + workflows + CODEOWNERS + secrets + branch protection). Without SDLC_BOT_TOKEN the loop still runs — it just won't auto-re-fire after a fix. → full SDLC setup


Install

Pick the door that fits — all reversible, version-pinnable, no curl | sh. You need an AI assistant (Claude Code; Codex/Gemini optional) + git. No API keys to get the manual, guardrails, crew, and CLI.

🍺 Homebrew — managed & versioned

brew tap dshakes/compass https://github.com/dshakes/compass
brew install dshakes/compass/compass     # latest release · --HEAD to track main
compass quickstart                       # previews, asks, then wires it into ~/.claude

📦 Git clone — own & edit your config (recommended)

git clone https://github.com/dshakes/compass ~/compass && cd ~/compass
git checkout v0.17.2     # optional: pin to a release instead of main
./quickstart.sh          # previews every change, asks first, fully reversible

🧩 Claude Code plugin — no terminal (ideal for a team)

/plugin marketplace add dshakes/compass
/plugin install core@compass

🛠️ By hand: make dry-run (preview) → make installmake doctor. Symlink install means git pull/brew upgrade updates everything; make uninstall removes only what it added. → Team rollout

One config, every agent — native installs

For every kind of user: a one-line marketplace/extension install (no terminal), or make install if you'd rather own the files. Same operating manual + MCP servers, the way each tool expects them:

Agent Native install (no terminal) or own the files
Claude Code /plugin marketplace add dshakes/compass/plugin install core@compass make install
Codex codex plugin marketplace add dshakes/compass/plugin install make install (~/.codex/AGENTS.md + config.toml)
Gemini CLI gemini extensions install https://github.com/dshakes/compass ./install.sh --gemini (~/.gemini/GEMINI.md)
Cursor · Copilot · OpenCode · Windsurf read the repo's AGENTS.md (AGENTS.md standard) clone + make install

CLAUDE.md · AGENTS.md · GEMINI.md are one file (symlinks), and the Claude/Codex plugin manifests + Gemini extension are generated from one source and CI-checked (scripts/check-vendor.sh) — so a git pull updates every agent at once and a manifest can't drift.

The marketplace/extension manifests match each vendor's documented schema and are structure-validated in CI. The live install is manually verifiedgemini extensions install (gemini 0.26.0) and codex plugin marketplace add (codex 0.130.0) both succeed against this repo — but isn't run in our CI (those CLIs aren't in the runner).

✅ Verify → your first run

compass doctor      # validate the install — expect "0 error"
compass status      # is compass active here, and what's loaded?

Then just open Claude Code as usual — the manual, guardrails, subagents, commands, and status line are already loaded. Feel it in a minute: ask for a dangerous command (blocked), run /review on your diff, or compass route "<task>" to see the tier it picks. No tokens, no signup for any of it.


What's in the box

Everything below is on after one install or a single opt-in — the autonomous loops above sit on top of this. The README sells; the docs explain — each row links to the detail.

The whole compass stack: a guarded base (manual · guardrail/secret/format/audit hooks · red-team injection scanners · cost-tiered router) under a frontier layer of closed loops — the autonomous SDLC pipeline, the scheduled fleet, and parallel dynamic workflows — all ending at a permanent human merge/deploy gate.

Capability One line Deep dive
🔁 Autonomous SDLC the review → security → tests → Codex audit → auto-fix → re-review loop; you merge 09-sdlc
🛰️ The fleet the loop, scheduled across all your repos through a test gate; approve from your phone 14-fleet
👥 The crew + workflows 10 cost-tiered subagents · 12 slash-commands · 3 dynamic workflows that fact-check each other 12 · 13
🛡 Guardrails & scanning 4 hooks block disasters, catch secrets (write-hook + compass scan), auto-format, keep a JSONL audit log 16-hardening
🧪 Red-team hardening eval-gated defense vs prompt-injection (direct/indirect/paste), CLAUDE.md poisoning, local safety-override, malware & insecure code; optional webhook/Bedrock/Azure backend 17-red-team
🧭 Cost-tier router a standalone, reusable module — keyword heuristic → optional classifier → Haiku judge cascade; eval-gated router/
🧰 The compass CLI onboard · impact · drift · scan · redteam · sandbox · verify · audit-log · spend · dashboard 11-using
🔌 MCP + LSP curated, version-pinned MCP servers (context7 · fetch · git) + opt-in language-server intelligence 04 · 06
🪪 Every agent, one source Claude Code · Codex · Gemini — plus Cursor/Windsurf/Copilot via the AGENTS.md standard 12-every-agent
💸 Live budget ceiling a hard spend cap that halts the session before the next tool call (COMPASS_MAX_USD) — enforced, not just reported 02-cost
💰 Cost discipline routing scored & CI-gated, per-step budget caps, compass spend/impact to see the $ 02-cost

Safety, honesty & status

Built to be trusted before it's run — and honest about its limits.

  • You own the irreversible. Agents prepare; humans push, merge, deploy. Required checks + a code-owner approval enforce it — there's no "merge to prod" button.
  • Readable & reversible. No curl | sh. The installer backs up what it replaces, is idempotent, and make uninstall removes only what it added. Pin a tag, not main.
  • Guardrails reduce footguns; they are not a security boundary. Keep least-privilege credentials and review your diffs. (For untrusted code, compass sandbox is a real boundary.)
  • Red-team hardening is defense-in-depth, not immunity. It warns on prompt-injection (direct/indirect/paste), CLAUDE.md poisoning, and local safety-override, and refuses to grant project-level safety exceptions — but the cardinal rule (external content is data, not instructions) and the human gate are what actually hold. compass redteam measures it; see docs/17-red-team.md.
  • What talks to the network. compass phones home to nothing. The auto-registered MCP servers reach non-Anthropic endpoints — context7 → Upstash (library docs), fetch → URLs you request; git is local. Hooks are short, commented shell scripts in claude/hooks/; disable any via claude/settings.json.
  • Grounded, not invented. Every capability maps to a documented Claude Code / Codex primitive — cited in docs/07-practices.md.

Status: alpha. The core — manual, hooks, subagents, commands, MCP, plugin — is stable and dogfooded daily. The SDLC pipeline is newer: its logic is statically validated in CI and exercised via a smoke-test checklist you run on your own repo — treat it as early. The red-team layer is new: its detectors are eval-gated in CI (precision/recall on a labeled corpus) and resist obfuscation (compass redteam --attack), but pattern detection is best-effort defense-in-depth, not immunity — and the managed-guardrail adapters are response-parsing contract-tested, with the live Bedrock/Azure calls unverified in CI (need your creds) and no live third-party benchmark scores (see docs/17). Dynamic workflows are a Claude Code research preview. The human merge/deploy gate is permanent, by design.


Docs

Start here → Using compass — install, the pieces in plain language, the daily workflow.

Philosophy · Architecture · Cost & models · Customize · MCP · Plugin & team rollout · LSP · Practices · Defaults · SDLC · Roadmap · Every agent · Dynamic workflows · Fleet · Competitive audit · Hardening + frontier · Red-team · Open benchmark · Provenance · Router module · ADRs

MIT · built to be shared · contributions welcome