Batch 31 — Hooks/Governance Overflow (lint, audit, steering, verification)
Roster (10)
| slug | stars | distribution | cli_binary | local_ui | orchestration | multi_model | tier |
|---|---|---|---|---|---|---|---|
| vibelint | 2 | npm-package | vibelint | none | none | no | A |
| ctxlint | 6 | npm-package | ctxlint | none | none | no | A |
| theauditor | 550 | unknown | unknown | unknown | unknown | unknown | C |
| clauder | 58 | bash-script-bundle | clauder (wrapper) | web-dashboard | sequential | no | A |
| zenable | 0 | unknown | unknown | unknown | unknown | unknown | C |
| haft | 1333 | cli-tool | haft | terminal-tui | sequential | no | A |
| sponsio | 445 | standalone-repo | sponsio | web-dashboard | none | no | A |
| dashclaw | 268 | standalone-repo | dashclaw | web-dashboard | none | no | A |
| pi-steering-hooks | 5 | npm-package | none | none | none | no | A |
| spartan-ai-toolkit | 72 | npm-package | installer | none | sequential | no | A |
Intra-Batch Patterns
All 8 full-analyzed frameworks share the conviction that prompt-based behavioral rules are insufficient and must be supplemented by code-level enforcement. The batch cleaves into two camps: pre-session linters (vibelint, ctxlint — analyze before or after sessions, no live hooks) vs runtime guardrails (clauder, sponsio, dashclaw, pi-steering-hooks — intercept tool calls mid-session). Haft and Spartan are outliers: Haft governs the reasoning discipline before tool calls happen (decision contracts, not regex rules), while Spartan enforces engineering workflows through mandatory phase gates rather than tool-call interception. The intervention axis runs from post-session audit (vibelint, leftmost) through pre-session static lint (ctxlint) through pre-tool blocking (pi-steering-hooks, clauder, sponsio, dashclaw) to pre-reasoning governance (haft). None of the 8 full-analyzed frameworks use multi-model routing.
Most Interesting Finds
Sponsio — ships a Fuzzy LTL (Linear Temporal Logic) monitor for temporal ordering contracts (e.g., "compliance_approve must precede wire_transfer"), benchmark-validated on public datasets (ODCV-Bench, RedCode-Exec), at p50 0.139ms per check. This is formal methods applied to agent safety at production speed — qualitatively different from regex-based guardrails. The universal bundle being intentionally empty (with a code comment explaining the design evolution) is a rare example of documented architectural change-of-mind in production code.
DashClaw — introduces "durable finality": tracking terminal outcomes so a retried agent never silently double-executes. This addresses a failure mode (network interruption mid-action followed by retry) that none of the 11 seed frameworks acknowledge.
Items Written as Tier C
- theauditor — README says "Product launch imminent," repo has only README + LICENSE + THIRD_PARTY_LICENSES.txt. 550 stars appear to be pre-launch waitlist. No source code, hooks, or architecture available.
- zenable — assigned URL is
https://zenable.io/(website, not GitHub repo). No public source code found viagh apisearch.
Cross-References Discovered
- DashClaw references OpenClaw explicitly in README and topics; provides an
@dashclaw/openclaw-plugin— DashClaw extends/governs OpenClaw agents. - pi-steering-hooks targets
@earendil-works/pi-mono(pi coding agent) — a niche agent not covered by any seed or other batch members. - Sponsio references Simon Willison's "Lethal Trifecta" security research as an explicit design input — rare cross-domain citation from web security research into agent safety frameworks.
- clauder is attributed to
blueraai/clauderin the batch list but the actual canonical repo isspacehendrix/clauder. Theblueraaiorg does not have this repo. - haft was formerly
quint-code— the install URL still points at the historical path; the binary ishaft. - Spartan AI Toolkit supports the Claude Managed Agents
TeamCreate/TeamDeleteAPI — the only batch member explicitly referencing Anthropic's managed agents coordination primitives.