Skip to content
View Conalh's full-sized avatar
🏠
Working from home
🏠
Working from home
0 followers · 1 following

Achievements

Achievement: Pair Extraordinairex2Achievement: Pull Sharkx3Achievement: QuickdrawAchievement: YOLO

Achievements

Achievement: Pair Extraordinairex2Achievement: Pull Sharkx3Achievement: QuickdrawAchievement: YOLO

Highlights

  • Pro

Block or report Conalh

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
Conalh/README.md

Connor Hickey

Local-only CLIs and GitHub Actions that audit AI-agent activity β€” config drift, capability changes, scope creep, runtime behavior, and live session trajectory. Nothing leaves the machine; every tool is advisory by default.

Pasadena, CA Β· @conalhck

agent-gov suite

A layered review stack for AI-agent work: one substrate, five PR-time detectors, one live runtime monitor, one meta-reviewer.

Substrate

  • agent-gov-core β€” canonical Finding schema, mergeFindings, JSONC/TOML/MCP/shell/transcript parsers. Zero runtime deps.

PR-time detectors β€” each runs standalone as a CLI or GitHub Action.

  • ScopeTrail β€” diff of agent config files (.claude/settings.json, .mcp.json, Codex sandbox).
  • PolicyMesh β€” contradictions across MCP, Claude, Cursor, Codex, Aider configs.
  • CapabilityEcho β€” new network, subprocess, eval, lifecycle, or workflow-permission signals on the added diff lines.
  • TaskBound β€” scope creep: PR diff vs stated task.
  • SessionTrail β€” risky runtime behavior in Cursor/Claude/Codex transcripts (credential reads, curl|sh, unknown MCP servers, scope escapes).

Live runtime monitor

  • AgentPulse β€” terminal dashboard that classifies live agent sessions (converging / exploring / stuck / done / drifting / idle). Deterministic, no LLM.

Meta-reviewer

  • GovVerdict β€” ingests JSON reports from the five PR-time detectors, dedupes by fingerprint, renders one consolidated PR review.

Demo

  • agent-gov-demo β€” a rogue PR (#1) that trips all five detectors at once. The PR is deliberately titled "fix: typo in README" β€” TaskBound is meant to catch that.

Example workflow: agent-gov-review.yml.

Other

  • fit-ontology β€” client-intelligence ontology for personal trainers. Unifies wearables, intake, and ACSM guidelines into one queryable model, with an explainable rules-based reasoning layer.

Pinned Loading

  1. agent-gov-demo agent-gov-demo Public

    Sandbox repo for the agent-gov suite β€” a rogue PR that trips ScopeTrail, PolicyMesh, CapabilityEcho, TaskBound, and SessionTrail at once.

    JavaScript

  2. GovVerdict GovVerdict Public

    One consolidated review across every agent-gov tool β€” dedupes findings from ScopeTrail, PolicyMesh, CapabilityEcho, TaskBound, and SessionTrail into a single PR verdict. Local-only, MIT.

    JavaScript

  3. agent-gov-core agent-gov-core Public

    Shared library for the agent-gov suite β€” canonical Finding schema, cross-tool mergeFindings, JSONC/TOML/MCP/shell/transcript parsers. Zero runtime deps, local-only, MIT.

    TypeScript

  4. fit-ontology fit-ontology Public

    Client intelligence layer for personal trainers. Unifies wearables, intake, and ACSM guidelines into one ontology with an explainable rules-based reasoning layer.

    Python

  5. AgentPulse AgentPulse Public

    Live trajectory verdict for AI coding agent sessions. Local-only, deterministic, no LLM. Watches Claude Code, Cursor, Codex transcripts and shows what each agent is doing right now in a terminal da…

    TypeScript

  6. overreach overreach Public

    Catch code that overreaches before it merges β€” a fast capability scanner for diffs, files, and repos.

    Rust