full agent-discipline harness built on Claude Code primitives

Resolved 💬 3 comments Opened Apr 28, 2026 by mahmood726-cyber Closed May 31, 2026

Preflight Checklist

  • [x] I have searched existing requests and this feature hasn't been requested yet
  • [x] This is a single feature request (not multiple features)

Problem Statement

Sharing a system I've built using Claude Code's primitives (hooks, settings.json env, custom slash commands, auto-memory) that may
be of interest as a usage pattern. ~470 GitHub repos, ~1000 hours/month, scientific meta-analysis tooling.

The pieces, with public links:

  • Sentinel — pre-push fail-closed rule engine. 23 rules (6 YAML + 17 plugin). Each rule cites a past-incident commit. SARIF emitter

for GitHub code-scanning UI integration. https://github.com/mahmood726-cyber/Sentinel

  • Overmind — nightly portfolio verifier. 5 witness types: test_suite, smoke, semgrep, numerical, numerical_continuity. HMAC-signed

verdict bundles. UNVERIFIED verdict distinct from PASS to avoid "almost-pass" false certifications.
https://github.com/mahmood726-cyber/overmind

  • home-config — AGENTS.md hierarchy + .claude/rules/ + auto-memory + hash-verified mirror at agent-rules-export/.

https://github.com/mahmood726-cyber/home-config

Proposed Solution

.

Alternative Solutions

.

Priority

Critical - Blocking my work

Feature Category

CLI commands and flags

Use Case Example

_No response_

Additional Context

Patterns that aren't in any OSS solo-dev tool I know:

  1. Hash-verified memory mirror across providers — Anthropic auto-memory is opaque to Gemini/Codex/external agents; mirroring

critical files into a tracked dir with sha256 manifest.json + --verify CI flag gives non-Claude agents the same context Claude has.

  1. Recursive drift checking — Sentinel audits projects → Overmind audits Sentinel via JSONL ingest → reconcile_counts.py audits the

registry Overmind reads → drift_check_post_sweep.py audits all of the above. Each layer detects drift in the layer below.

  1. Self-tuning from your usage analytics — your "Claude insights" report flagged 132 buggy_code events + token-cap blackouts;

same-day commit added settings.json env var (CLAUDE_CODE_MAX_OUTPUT_TOKENS=32000), SessionStart env-grounding hook, PostToolUse
smart-pytest hook with cooldown/timeout, lessons.md rules for idempotency / codemod safety / git-init guard.

  1. Paired remote+local scheduling — Anthropic routine for cloud-side checks (arXiv search, GitHub-visible drift) + Windows Task

Scheduler entry for local-only checks (reconcile_counts.py, on-disk Sentinel rule count). Explicit task split avoids each side
reaching across the boundary.

What worked well from Claude Code that I want to highlight:

  • Hooks system is genuinely powerful. Smart PostToolUse pytest with file-extension gating + per-repo cooldown + 60s subprocess

timeout is exactly the right shape for fast feedback without grinding sessions to halt. The naive "run pytest after every edit"
suggestion in the insights report would have been actively harmful given suite times of 113-240s.

  • effortLevel: xhigh + Opus 4.7 (1M context) lets sessions span 1000+ lines of multi-file diffs without losing coherence.
  • The Skill tool + the official plugins (code-review, superpowers, frontend-design) compose well with custom workflow.

Possible gaps worth knowing about:

  • Multiple sessions today went opaque from a 500-output-token cap. Raising via CLAUDE_CODE_MAX_OUTPUT_TOKENS env is the fix; might

be worth defaulting higher.

  • pip-installing tools system-wide can silently downgrade dependencies (semgrep 1.161.0 strict-pinned mcp==1.23.3, downgrading my

MCP servers from 1.27.0). Suggested: a default warning when pip install from agent code crosses package boundaries.

  • The 500-finding tool-error-output truncation can hide diagnostic detail when iterating on edits.

Happy to walk through any of this. The patterns are MIT-licensed if useful.

BW

Mahmood

mahmood.ahmad2@nhs.net

View original on GitHub ↗

This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗