« All posts

Hooks that stop AI coding agents from claiming unverified reads

A hook-based kit blocks AI coding agents from editing unread files, enforcing scoped changes, consumer checks, and verified session handoffs.

AI coding agents routinely state things about a codebase with total confidence that turn out to be wrong: they treat a fallback path as safe, call a change to a shared type 'additive' just because the diff looks that way, or point to a green test suite as proof behavior is preserved when it only covers inputs someone thought to write down. The problem worsens as sessions get longer, since context fills with claims that feel true simply because they were said earlier.

The Session Discipline Kit addresses this by wiring verification into the environment rather than the prompt: a hook blocks any edit to a file the agent hasn't actually opened and read in the current session. Nine additional skills map onto the real shape of a change — stating a falsifiable scope before writing code, enumerating every real consumer of a shared file, scaffolding golden-snapshot tests where correctness is about output shape, reviewing diffs with no memory of writing them, and regenerating handoff documents from actual git state rather than conversational memory. The rules are organized into a twelve-point methodology built from six generalized failure patterns, with a dedicated deep-dive on centralized configuration in TypeScript monorepos.

The kit originally lived as a private discipline system for Claude, then had to be ported to Gemini CLI and, after Google sunset free-tier access, to Antigravity — a closed-source rewrite with inconsistently documented hooks. That forced the kit to register hooks under multiple naming conventions and build verification logic that stays agnostic to tool-specific quirks, applying its own core standard — verify, don't assume — to its own porting process.