agent
guard
Pre-Commit Validation. Visualization of the lock/lease commit flow. The Iron Seal that ensures the repository remains pristine by validating every commit before it lands.
AgentGuard makes pre-commit validation deterministic, comprehensive, and impossible to skip—for both human developers and AI agents.
Features
The Iron Seal
Ensuring that the repository remains pristine, regardless of who (or what) is contributing.
Gatekeepers of Truth
Automated sentinels that enforce quality before a human ever has to review.
The Zero-Defect Standard
Shifting QA 'left' until it becomes a prerequisite for existence.
Autonomous Trust
Enabling AI agents to contribute without the constant fear of regression.
AgentGuard is a git hooks framework that enforces validation before any commit lands. The core idea: acquire a lease (lock), run every validation gate (lint, test, AI review), stamp the commit only if all gates pass, then release the lease.
No broken code reaches CI. Ever.
This visualization demonstrates the full lease cycle: a commit triggers the hook, the lease is acquired (preventing concurrent commits), validation gates run sequentially, and only after all pass does the commit get stamped and the lease released. If any gate fails, the commit is rejected and the lease is freed for the next attempt.
The pattern works for both human developers and AI agents — ensuring that autonomous coding assistants meet the same quality bar as senior engineers.
"The best time to catch a bug is before it's committed. AgentGuard makes pre-commit validation deterministic, comprehensive, and impossible to skip."
Origin & Attribution
The Shift-Left Movement & pre-commit Ecosystem
Decades of quality engineering wisdom — catch defects as early as possible
"The cost of fixing a defect increases exponentially with the distance from where it was introduced."
The Philosophy
AgentGuard isn't just a git hook — it's a philosophy about enforcing quality at the protocol layer, for both humans and AI.
Shift Left Until It's a Prerequisite
Barry Boehm demonstrated in 1981 that fixing a bug in production costs 100x what it costs to fix during development. The shift-left movement pushed testing earlier: from production to staging, from staging to CI, from CI to pre-push. AgentGuard takes this to the logical endpoint — validation runs before the commit even exists. If the code doesn't pass lint, tests, and AI review, the commit never happens. The defect doesn't enter the repository, doesn't trigger CI, doesn't reach a human reviewer. It's prevented, not detected.
Lock-Validate-Stamp-Release
The lease cycle is deceptively simple: acquire a lock (preventing concurrent commits), run every validation gate in sequence (lint, type-check, unit tests, integration tests, AI review), stamp the commit with a validation hash if all gates pass, then release the lock. If any gate fails, the commit is rejected and the lock is freed immediately. The lock prevents a subtle class of bugs where two concurrent commits each pass validation independently but break when combined. Sequential validation with mutual exclusion eliminates race conditions in the commit pipeline.
One Quality Bar for Humans and Agents
When an AI coding assistant generates 200 lines of code and commits it autonomously, that code must pass the exact same quality gates as a pull request from a senior engineer. No exceptions, no 'it's just AI-generated' bypass. AgentGuard enforces this by running at the git hook level — below the IDE, below the agent framework, at the protocol layer that every commit must pass through. This is the difference between 'AI agents are trusted' and 'AI agents are verified.'
The Audit Trail
Every commit that passes AgentGuard carries a validation stamp: which gates were run, what versions of each linter and test suite were used, how long each gate took, and whether the committer was a human or an AI agent. This creates a compliance-ready audit trail that answers the question every security team asks: 'Who reviewed this code, and what exactly did they check?' For AI-generated code, this is not optional — it's the foundation of responsible autonomous development.
Kingly's Approach
We implement AgentGuard as a pluggable git hooks framework with configurable gate policies, designed to work seamlessly with both human IDEs and AI agent terminals.
Pluggable Gate Architecture
Each validation gate is a self-contained plugin: ESLint, TypeScript compiler, Jest/Vitest, AI code review, security scanning. Teams configure which gates are required vs. advisory, set timeout limits per gate, and define fallback behavior when a gate is unavailable. The framework runs gates in dependency order and short-circuits on the first required failure.
Agent-Aware Validation
AgentGuard detects whether the committer is a human (interactive git) or an AI agent (headless git). For agent commits, additional gates can be activated: scope validation (did the agent only modify files it was authorized to touch?), diff size limits, and mandatory AI review by a second model. This creates a layered trust model where agents earn more autonomy as their validation track record improves.
Cryptographic Stamps
Each validated commit receives a cryptographic stamp that includes the gate results, the validation environment hash, and a timestamp. This stamp can be verified by CI, code review tools, and deployment pipelines — creating an end-to-end chain of trust from local commit to production deployment.
The Future
Pre-commit validation is table stakes. The next frontier is intelligent, adaptive validation.
Adaptive Gate Thresholds
Gates that auto-tune their sensitivity based on historical failure patterns. If a particular lint rule catches issues 0.1% of the time, it becomes advisory. If a test consistently catches regressions, it becomes blocking.
Cross-Repo Policy Federation
Organizations defining validation policies at the org level and cascading them to all repositories. A single policy update propagates to every team's pre-commit hooks within minutes.
AI-Native Review Summarization
AI gate results that explain not just 'what failed' but 'why this matters' and 'how to fix it' — turning a red checkmark into an actionable coaching moment.
Commit Risk Scoring
Using the diff, the validation results, and historical data to assign a risk score to each commit. High-risk commits automatically escalate to human review regardless of gate results.
Tech Stack
What This Is Used For
AI agent coding
ensure autonomous agents pass lint, test, and review before committing
Team quality gates
enforce consistent standards across all contributors
CI cost reduction
catch failures locally before expensive CI runs
Compliance workflows
audit trail of validation stamps on every commit
Also from Labs
Stay Updated
Get notified of new labs, experiments, and updates.