DISCOVER THE FUTURE OF AI AGENTSarrow_forward
smart_toyAgent Park
arrow_backBACK TO PROJECTS

SpecLock

calendar_todayAdded Apr 23, 2026
categoryAgent & Tooling
codeOpen Source
TypeScriptNode.jsModel Context ProtocolAI AgentsCLIAgent & ToolingDeveloper Tools & CodingSecurity & Privacy

AI Constraint Engine that enforces project rule file constraints as immutable locks, preventing AI coding assistants from violating developer-defined constraints.

SpecLock is an AI Constraint Engine (v5.5.4) developed by Sandeep Roy (@sgroy10). It intercepts rule violations before AI coding assistants execute them, featuring a semantic conflict detection engine and an MCP server with 51 tools.

Core Capabilities#

Semantic Conflict Detection Engine: Dual architecture — pure JavaScript local heuristic engine (zero runtime LLM dependency, ~250ms/check, 95%+ accuracy) and Gemini Flash hybrid mode (cross-domain fallback, ~2s/check, $0.01/1000 checks). Covers 10+ attack patterns: direct violation, euphemism/beautification attacks, temporal evasion, dilution attacks, compound sentence splitting, synonym substitution, payment gateway brand identification (11 Indian gateways), salary/compensation cross-vocabulary, security system bypass, and unknown domains. Built-in 65+ synonym groups, 80+ euphemism mappings, 9 domain concept graphs (fintech, e-commerce, IoT, healthcare, SaaS, payments, gaming, telecom, government). Claude adversarial test: 100/100 score, zero false positives, 15.7ms/check.

Enforcement Modes: Advisory (default, AI receives warning and decides) and Hard mode (MCP returns isError, AI cannot proceed, configurable 70% confidence threshold).

Patch Security Review: Patch Gateway (v5.1) outputs ALLOW/WARN/BLOCK judgment, blast radius, and risk score (0-100) from description + file list; AI Patch Firewall (v5.2) reviews actual diffs, detecting interface breakage, protected symbol editing, dependency drift, schema changes across 10 signals, with unified review weights: intent 35% + diff 65%.

Spec Compiler & Code Graph: NL→constraint auto-extraction (supports PRD/README/architecture docs as input); dependency graph with JS/TS/Python import resolution, blast radius analysis, lock-to-file mapping.

Typed Constraints: Numeric, range, state transition, and time interval constraints for autonomous systems, IoT, and robotics.

Project Health Metrics: Drift Score (0-100) measuring deviation from original intent; Lock Coverage scanning unprotected high-risk areas; Lock Strengthener evaluating and suggesting improvements for each lock.

Cross-Tool Sync: speclock sync --all syncs constraints to Cursor, Claude Code, GitHub Copilot, Windsurf, Gemini, Aider, AGENTS.md (7 formats).

Security Templates: Built-in safe-defaults (Vibe Coding seatbelt), hipaa, api-stability, solo-founder, nextjs, security-hardened, etc.

Auto-Guard: Automatically discovers related files after locking rules and injects SPECLOCK-GUARD comments so AI sees warnings when opening files.

Event Replay: Flight recorder for AI coding sessions, replaying each operation and SpecLock judgment.

Enterprise Security#

RBAC + API Key authentication (4 roles: viewer/developer/architect/admin); AES-256-GCM encrypted storage with PBKDF2 key derivation (100K iterations); HMAC-SHA256 audit chain with each event hash-linked to the previous one for tamper detection; compliance export for SOC 2 Type II, HIPAA PHI protection reports, CSV; Policy-as-Code via YAML declarative rules (.speclock/policy.yml).

Architecture Overview#

AI tools connect to SpecLock Core Engine via MCP Protocol (51 tools) or npm file-based approach (SPECLOCK.md + CLI). Core engine contains semantic engine, HMAC audit chain, enforcer, auth & RBAC, AES-256-GCM encryption, Policy DSL, and compliance export modules. All state stored in local .speclock/ directory (brain.json, events.log, policy.yml, auth.json, context/). Only 3 npm runtime dependencies, semantic engine has zero external dependencies. 991 tests, 19 test suites, 100% pass rate.

Distribution & Adaptation#

  • Node.js: npm package speclock
  • Python: pip package speclock-sdk, sharing the same .speclock/brain.json with Node.js CLI
  • ROS2 Guardian Node: subscribes to /joint_states, /cmd_vel, publishes violations to /speclock/violations, triggers emergency stop
  • AI tool compatibility: Claude Code, Cursor, Windsurf, Cline, Codex, Bolt.new, Lovable, GitHub Copilot, Gemini, Aider
  • Listed on Smithery MCP Registry

Quick Start#

npx speclock protect
speclock mcp install claude-code
speclock doctor

Python SDK: pip install speclock-sdk

Strict mode: speclock protect --strict or env var SPECLOCK_STRICT=1

Unconfirmed Items#

  • Actual npm package version (page blocked by Cloudflare, cannot verify alignment with README's v5.5.4)
  • Actual availability of pricing tiers (Free/Pro $19/mo/Enterprise $99/mo) — no billing implementation evidence found
  • SSO integration (Okta/Azure AD/Auth0) mentioned only in architecture diagram, no config docs or implementation code
  • ROS2 node completeness and availability not deeply verified
  • VS Code extension (vscode-extension/ directory exists) — not verified if published to Marketplace
  • Test count discrepancy: README states 991 tests, website shows 1073, possibly website not updated
  • No associated academic papers found

Related Projects

View All arrow_forward

Basic Memory

Local-first knowledge management combining Zettelkasten with knowledge graphs, enabling LLM cross-session persistent memory via Model Context Protocol.

PythonKnowledge Base
VIEW DETAILS arrow_forward

vfs (Virtual Function Signatures)

AST-level code signature extractor and MCP Server, reducing AI coding agent token consumption by ~98.6% across 17 languages.

Model Context ProtocolGo
VIEW DETAILS arrow_forward

RexCLI

A local-first AI memory system and orchestration layer for existing coding agents like Codex CLI, Claude Code, and Gemini CLI

Node.jsWorkflow Automation
VIEW DETAILS arrow_forward

STAY UPDATED

Get the latest AI tools and trends delivered straight to your inbox. No spam, just intelligence.

rocket_launch