Native rules + real-time hooks + static guards to catch what AI coding agents get wrong — before it reaches your codebase. Duplicate files, invented APIs, dangerous shell commands, unverified "I'm done" claims. Blocked at the source.
utils_v2.py next to utils.py — duplicate files pile up.user.fullName that never existed on the model.git push --force on main.--force-with-lease./vibeguard:learn turns each mistake into a new guard.
Hooks block bad actions at the source. Not prompt guidelines the model can forget.
Interceptions return OBSERVATION → FIX → WHY. The agent self-corrects in one turn.
Repeated errors become new guards via /vibeguard:learn. The system gets stricter over time.
| layer | what it does |
|---|---|
| Native rules | 109+ constraints auto-loaded into CLAUDE.md / AGENTS.md. Bias the model away from bad decisions before it acts. |
| Runtime hooks | PreToolUse / PostToolUse intercept writes, bash, edits. Block dangerous or low-quality actions in real time. |
| Static guards | Project scans for duplicate files, slop patterns, structural issues. Run via /vibeguard:check. |
| Slash commands | /vibeguard:preflight, :review, :check, :learn — workflows for each phase of the loop. |
| Learning loop | Repeated mistakes surface as candidate rules. Reviewed, then compiled into the native rule set. |
| Observability | Metrics, logs, and health checks for every interception. You see what was blocked and why. |
┌─ VibeGuard ─────────────────────────────────────────┐ ✗ blocked pre-bash-guard → command: git push --force origin main → rule: L7 · commit discipline · W-force-destructive → reason: destructive overwrite on protected ref ⚠ fix use git push --force-with-lease instead or resolve upstream locally before pushing └─────────────────────────────────────────────────────┘ agent: retrying with --force-with-lease
$ git clone https://github.com/majiayu000/vibeguard.git ~/vibeguard $ bash ~/vibeguard/setup.sh
Works with Claude Code and Codex CLI · MIT licensed · no telemetry