TOOLING — SHIPPED
Claude Code Kit
AI coding you can ship to production without a babysitter — every commit reviewed and gated.
AT A GLANCE
- STATUS
- SHIPPED
- TIMELINE
- 2026-06 — 2026-06 · 1 DAYS
- LANGUAGES
- Python
- CATEGORY
- TOOLING
SOURCE LINES (PYTHON)
OUTCOME
You get auditable, recoverable, consistent AI development: each commit is reviewed before it lands, and force-push and history rewrites are physically blocked at the system level.
METRICS
M.01 — SOURCE LINES (PYTHON)
Python powering the gates, hooks, installer, and context injector
M.02 — PRE-COMMIT GATES
Automated checks on every commit: AI code review, script reasons, link integrity, docs freshness, file-size budgets, secret scanning — all blocking by default
M.03 — WORKFLOW SKILLS INCLUDED
Reusable multi-step skills: handoff, tdd, grill-me, caveman, to-issues, zoom-out, audit-structure, compact-docs, write-a-skill
M.04 — DANGEROUS GIT PATTERNS BLOCKED
Force-push, hard reset, branch delete, history rewrites, and working-tree wipes — physically blocked, with no flag to override
THE CASE, CHAPTER BY CHAPTER
CH.01
The problem
An unsupervised AI agent will eventually skip a safety check under pressure — and nothing alarms when it does.
Under deadline stress it force-pushes past a failing test, commits without updating docs, or brings back a pattern you deleted on purpose. These failures are silent: they accumulate until your codebase is inconsistent or a secret is sitting in git history. Better prompts don't fix this — rules in a chat window evaporate; rules enforced by the toolchain do not.
CH.02
What it delivers
A drop-in governance layer that forces every commit through an AI reviewer and five automated quality gates — installed in one command.
You get three things a buyer cares about. Auditability: every commit is reviewed for style, risk, and secrets before it lands. Recoverability: hard hooks physically block force-push and history rewrites — the agent cannot bypass them even if told to. Consistency: docs freshness, link integrity, and markdown budgets are checked automatically, every time.
CH.03
How it works
Three enforcement layers run on every commit, and the agent cannot opt out of any of them.
Claude Code hooks fire before any command and block 11 dangerous git patterns — force-push, reset --hard, history rewrites — at the system level. A two-phase pre-commit pipeline then runs an AI judge on each changed file, followed by five deterministic checks (script reasons, link integrity, docs freshness, markdown budgets, secret scanning). A short rules file is re-injected on every commit so a long session never erodes your constraints.
CH.04
Fast and free to adopt
Unchanged files are never re-reviewed, and no API key is required to start.
The AI judge caches each verdict by content hash, so commit-hook time stays flat as your codebase grows. The judge is fully opt-in: if no key is set, the gate soft-passes and the commit proceeds — safe to adopt with zero cost. Everything installs under a namespaced folder, so it never collides with your existing tools, and your CLAUDE.md is never overwritten.
CH.05
Proven at scale
Born from a real project of 2,871 commits built over ~83 days with AI as the primary developer.
The kit was extracted and generalized from a single-developer codebase where every failure mode it guards against — force-push under pressure, doc drift, secret leak — actually happened and was fixed by this exact discipline. It installs with one command, runs on Python 3.9 and git, and ships with 9 reusable workflow skills (handoff, TDD, issue creation, documentation audits, and more).
THE BUILD, WEEK BY WEEK
2 COMMITS — IN 1 DAYS — AVG 2/DAY
FEATURES
| AI code-review judge | An AI reviews every changed file before it commits, flags risky code or secrets in the file itself, and caches its verdict by content hash so unchanged files are never re-reviewed. |
|---|---|
| Hard git-safety hooks | The system physically blocks 11 dangerous git operations — force-push, hard reset, branch delete, history rewrites — before they run, and the AI agent cannot override them even if instructed to. |
| Deterministic pre-commit gates | Six automated gates check every commit for script reasons, broken links, stale docs, oversized files, and leaked secrets — running the read-only checks in parallel to keep the commit fast. |
| Session context injector | Every time the editor opens, the agent is automatically reloaded with the project's rules, latest handoff, recent commits, and open issues, split into chunks that fit the context limit. |
| Cross-platform installer | A single Python script installs the whole kit on Windows, Mac, or Linux without overwriting your existing files — it backs them up, appends to .gitignore, and sizes itself to your repo. |
ARCHITECTURE
| install.py | Cross-platform installer: copies template, substitutes names, installs packs, strips opt-outs, sizes context-injection hooks, runs pre-commit install |
|---|---|
| hooks/ (Claude Code tool hooks) | PreToolUse/PostToolUse hooks: block dangerous git ops, run AI judge before script launch, re-inject CLAUDE.md on commit, soft-nudge toward MCP tools |
| gates/ (pre-commit gate suite) | Two-phase dispatcher plus six gates: critic_llm (AI judge), check_file_reason, check_links, check_doc_freshness, check_md_size, check_secrets |
| inject_context_docs.py | SessionStart hook that chunks the project-knowledge corpus into <=9,800-char slices and emits one chunk per registered hook entry |
| skills/ | Nine reusable multi-step workflow skills: handoff, tdd, grill-me, caveman, to-issues, zoom-out, audit-structure, compact-docs, write-a-skill |
| packs/ (language packs) | Opt-in gate extensions: Rust (cargo-audit, cargo-vet, binary-secrets), Python (ruff lint) |
| seeds/ | Copy-paste starting points for the user's global ~/.claude/CLAUDE.md: universal discipline rules, user-profile template, portable engineering lessons |
STACK
SKILLS DEMONSTRATED
Guardrails for autonomous AI coding agents · Automated code review and quality gates · LLM integration with cost-safe fallbacks · Secret-leak prevention before commit · Cross-platform tooling (Windows, Mac, Linux) · Documentation-drift enforcement · Git-safety automation that cannot be bypassed · Developer workflow and toolchain design
THE CODE, MAPPED
319 NODES · 487 EDGES · 51 COMMUNITIES — EXTRACTED FROM THE CODEBASE BY TREE-SITTER