Package Exports
This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (failproofai) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.
Readme
Translations: 简体中文 · 日本語 · 한국어 · Español · Português · Deutsch · Français · Русский · हिन्दी · Türkçe · Tiếng Việt · Italiano · العربية · עברית
Runtime failure resolution for coding agents. Hooks into Claude Code and Codex. Catches loops, dangerous actions, and secret leaks before they become incidents. Zero latency. Runs locally.
Supported agent CLIs
Install hooks for one or any combination:
failproofai policies --install --cli opencode pi gemini(or--cli claude codex copilot cursor opencode pi gemini). Omit--clito auto-detect installed CLIs and prompt. GitHub Copilot CLI, Cursor Agent, OpenCode, Pi, and Gemini CLI support are in beta — testing is ongoing.
Install
npm install -g failproofai
failproofai policies --install
failproofai30 built-in policies activate immediately. Dashboard at localhost:8020.
What it stops
| Policy | What it blocks |
|---|---|
block-push-master |
Direct pushes to main / master |
block-force-push |
git push --force |
block-work-on-main |
Commits, merges, rebases on main / master |
block-rm-rf |
Recursive file deletion |
sanitize-api-keys |
API keys leaking into agent context |
Your own policies
Drop a file into .failproofai/policies/ — it loads automatically, no flags needed.
Commit it and the whole team gets it on next pull.
import { customPolicies, deny, allow } from "failproofai";
customPolicies.add({
name: "no-production-writes",
match: { events: ["PreToolUse"] },
fn: async (ctx) => {
if (ctx.toolInput?.file_path?.includes("production"))
return deny("Writes to production paths are blocked.");
return allow();
},
});Three decisions available to every policy:
| Decision | Effect |
|---|---|
allow() |
Permit the operation |
deny(message) |
Block it — message goes back to the agent |
instruct(message) |
Let it through, but add context to the agent's next prompt |
Session visibility
Every tool call your agent makes is logged locally. The dashboard shows what ran, what was blocked, and what the policy told the agent — so you're not guessing when something goes wrong. → Dashboard guide
Documentation
| Getting Started | Installation and first steps |
| Built-in Policies | All 30 policies with parameters |
| Custom Policies | Write your own |
| Configuration | Config scopes and merge rules |
| Dashboard | Session monitor and policy activity |
| Architecture | How the hook system works |
License
MIT with Commons Clause — free for internal and personal use; commercial resale of failproofai itself requires a separate agreement. See LICENSE for the full text.
Contributing
See CONTRIBUTING.md. New policies, edge cases, and translations all welcome.
Built by Nivedit Jain and Nikita Agarwal. befailproof.ai