Protect your system from unauthorized agentic actions. Declarative, multi-harness policy engine that intercepts shell commands and tool calls from AI coding assistants—before they cause damage.
Buckler is a harness-neutral policy engine: declarative YAML rules evaluate normalized signals from any AI coding assistant and decide whether to allow, deny, ask, or nudge—independent of which harness fired the hook. The agent-git and agent-gh packs ship enabled by default, blocking uncontrolled git commits, force-pushes, remote destruction, and destructive gh commands out of the box.

- Harness-neutral core — the evaluator knows nothing about Cursor's hooks.json; only thin adapters do
- Declarative YAML packs — rules match on abstract trigger kinds, not harness-specific strings
- agent-git + agent-gh packs — deny uncontrolled git commits / force-push / remote destruction; deny destructive gh subcommands; nudge toward MCP tools
- Cosign-signed releases — every release tarball is verified before install
- Cross-platform — Linux, macOS, Windows (Git Bash)

| Audience | File |
|---|---|
| Install, configure, bypass, troubleshoot | HUMANS.md |
| LLM / dev internals, contract rules | AGENTS.md |
| Architecture & adapter boundary | ARCHITECTURE.md |
| Commit conventions, CI, dev setup | CONTRIBUTING.md |
| Threat model, Cosign verification, disclosure | SECURITY.md |
| Troubleshooting (hooks, policy, audit log) | docs/troubleshooting.md |
| Rule YAML schema | docs/rule-schema.md |
| Default agent-git pack matrix | docs/agent-git.md |
| Default agent-gh pack matrix | docs/agent-gh.md |
| Path resolution (XDG, Windows, env overrides) | docs/paths.md |