failproofai
v0.0.13
Published
The easiest way to manage policies that keep your AI agents reliable, on-task, and running autonomously — for Claude Code & the Agents SDK
Maintainers
Readme
Translations: 简体中文 · 日本語 · 한국어 · Español · Português · Deutsch · Français · Русский · हिन्दी · Türkçe · Tiếng Việt · Italiano · العربية · עברית
Runtime failure resolution for coding agents. Hooks into Claude Code and Codex. Catches loops, dangerous actions, and secret leaks before they become incidents. Zero latency. Runs locally.
Supported agent CLIs
Install hooks for one or any combination:
failproofai policies --install --cli opencode pi gemini(or--cli claude codex copilot cursor opencode pi gemini hermes). Omit--clito auto-detect installed CLIs and prompt.Hermes (hermes-agent, a Slack/Telegram gateway) is supported for both live-hook enforcement (
--cli hermes— one install intercepts tool calls from every platform and subagent) and offline audit replay of its gateway sessions from the single~/.hermes/state.db.
Install
npm install -g failproofai
failproofai policies --install # or just run `failproofai` and accept the first-run prompt
failproofai30 built-in policies activate immediately. Dashboard at localhost:8020. Disable the first-run prompt with FAILPROOFAI_NO_FIRST_RUN=1.
What it stops
| Policy | What it blocks |
|---|---|
| block-push-master | Direct pushes to main / master |
| block-force-push | git push --force |
| block-work-on-main | Commits, merges, rebases on main / master |
| block-rm-rf | Recursive file deletion |
| sanitize-api-keys | API keys leaking into agent context |
Your own policies
Drop a file into .failproofai/policies/ — it loads automatically, no flags needed.
Commit it and the whole team gets it on next pull.
import { customPolicies, deny, allow } from "failproofai";
customPolicies.add({
name: "no-production-writes",
match: { events: ["PreToolUse"] },
fn: async (ctx) => {
if (ctx.toolInput?.file_path?.includes("production"))
return deny("Writes to production paths are blocked.");
return allow();
},
});Three decisions available to every policy:
| Decision | Effect |
|---|---|
| allow() | Permit the operation |
| deny(message) | Block it — message goes back to the agent |
| instruct(message) | Let it through, but add context to the agent's next prompt |
Session visibility
Every tool call your agent makes is logged locally. The dashboard shows what ran, what was blocked, and what the policy told the agent — so you're not guessing when something goes wrong. → Dashboard guide
Documentation
| | | |---|---| | Getting Started | Installation and first steps | | Built-in Policies | All 30 policies with parameters | | Custom Policies | Write your own | | Configuration | Config scopes and merge rules | | Dashboard | Session monitor and policy activity | | Architecture | How the hook system works |
License
MIT with Commons Clause — free for internal and personal use; commercial resale of failproofai itself requires a separate agreement. See LICENSE for the full text.
Contributing
See CONTRIBUTING.md. New policies, edge cases, and translations all welcome.
Build before you start. Run
bun install && bun run buildfirst. This repo runs failproofai's own hooks on itself, and they resolve thefailproofaiimport against the compileddist/bundle — without a build you'll hitCannot find package 'failproofai'hook errors. Rebuild after changingsrc/. See Build before the in-repo dev hooks will work.
Built by Nivedit Jain and Nikita Agarwal. befailproof.ai
