Open Source · CLI-First · Backend-Agnostic

From chaotic requirements to verified code

Three CLI tools. One pipeline covering the entire chain — from idea to secure code in production.

Explore tools
Phase 01
intake
Capture and normalize

From Jira, PDFs, Slack or a sentence — to an executable YAML spec for any agent.

Phase 02
architect
Implement with control

AI agents with deterministic guardrails, budget limits, and audit trail. Backend-agnostic.

Phase 03
vigil
Verify and protect

Detects AI-code vulnerabilities: hallucinations, slopsquatting, over-permissions.

◻ Phase 01 — Preparation

intake

From chaotic requirements to executable spec

Capture from Jira, PDFs, Confluence, Slack, or natural language. Normalize, deduplicate, detect conflicts, generate YAML spec.

Does not generate code. It is preparation infrastructure.

  • Multi-source: Jira, PDFs, Slack, images
  • Deduplication and conflict detection
  • Universal YAML output
  • Full traceability
Go to documentation
Terminal — intake collect
# Capture from multiple sources $ intake collect --from jira:PROJ-123 --from pdf:specs/req.pdf --from slack:#dev ◻ 14 requirements · 2 conflicts ◻ Spec → .intake/spec.yaml
△ Phase 02 — Implementation

architect

Deterministic control for code agents

Guardrails the LLM cannot bypass. Backend-agnostic. Switch models without changing your pipelines.

  • Ralph Loop: iteration with verification
  • Protected files, budget limits
  • 100+ providers, zero lock-in
  • Native OWASP, OpenTelemetry
Go to documentation
Figure 03 — architect loop
$ architect loop "Payments module" --check "pytest tests/ -q" --check "vigil scan src/" --budget $2.00 △ Loop 3/10 ✓ 18/18 passed · $0.089
◇ Phase 03 — Verification

vigil

Security scanner for AI code

Detects hallucinated dependencies, slopsquatting, over-permissions, empty tests. Deterministic, no LLMs.

  • Ghost dependencies in registries
  • Typosquatting and slopsquatting
  • Tests: empty asserts, fake coverage
  • Quality gate for CI/CD
Go to documentation
Terminal — vigil scan
$ vigil scan src/ ◇ 47 files... ✗ DEP-001 flask-helper (hallucinated) ✗ SEC-003 CORS disabled ✓ 45/47 clean
// Full Pipeline

Three commands. Zero supervision.

From ticket to verified PR. Headless, auditable.

pipeline.sh
#!/bin/bash intake collect --from jira:SPRINT-42 --out spec.yaml architect loop "Implement spec.yaml" \ --check "pytest && vigil scan src/" vigil scan src/ --format junit
// Principles

Built on convictions

01

CLI-first

If it doesn't fit in a script, it doesn't work for CI/CD.

02

Determinism

The LLM cannot skip tests or quality gates.

03

Zero lock-in

Switch models without touching your pipeline.

04

Open source

Auditable code that governs your code.

05

Headless-first

Works at 3am without supervision.

06

Complements

We cover gaps others don't see.

Your AI pipeline, under control

Install and run your first pipeline with guarantees.

Documentation