DEV Community

Tang Weigang
Tang Weigang

Posted on

Your AI Coding Policy Needs a Receipt, Not Just an AGENTS.md

An AGENTS.md file can explain a rule. It cannot prove that an agent saw the rule, that a proposed action was evaluated, or that a rejected change left a usable recovery trail. That is the useful question behind coding-ethos.

coding-ethos splits the problem into policy, agents, hooks, and code intelligence. coding_ethos.yml describes the mechanics; ETHOS.md and the coding-ethos standards carry the values; AGENTS.md and CLAUDE.md describe agent contracts. The hooks runner receives lifecycle events, routes them to the relevant evaluator or MCP tool, and normalizes the result.

The v0.3.0 line is interesting for three concrete reasons: policy extension seams let downstream rules plug in without rewriting the compiler; routing is centralized instead of duplicated in every hook; and remediation evidence is persisted in the code-intel store. A denied action should be testable as a structured verdict plus a remediation payload, not just a red log line.

My first-use check is deliberately small: run uvx coding-ethos against a disposable repository, exercise one allowed action and one denied action, read the rule id and evidence payload, retry after remediation, then remove the temporary configuration and verify rollback. A visible MCP tool list is not proof of enforcement, and a legacy path that bypasses hooks/runner can silently drop evidence.

The Doramagic pack also records community reports about Bubblewrap provisioning, git amend policy, MCP stdio coverage, and agent-proxy work. Those are source-backed checks to revisit, not claims that Doramagic reproduced every issue. Project notes: https://doramagic.ai/en/projects/coding-ethos/manual/

Disclosure: this is an independent Doramagic capability pack, not an official coding-ethos release or endorsement.

Top comments (0)