Guard multi-agent orchestration with an external witness layer that verifies agent claims, arbitrates disputes, gates plan transitions, and enforces concurrency policies — preventing agents from self-certifying completion or stalling on unresolved blockers.
One automatic plan-class lifecycle tick. Reads the DECLARED class set + transition list from the workspace `[lifecycle]` table (not a hardcoded taxonomy), evaluates each trigger, spawns a read-only JUDGE-rung adjudicator (the `dos.judges` seam — advisory, fail-to-abstain) to approve/defer each candidate transition, applies the gated transitions as plan-meta edits + one commit per cycle, and logs to the run archive. Failsafes (per-cycle cap, per-plan cooldown, a veto class) are `[lifecycle]` data; the judge content is a host `dos.judges` driver. Every path/class comes from `dos doctor --json`. Use to garden a plan portfolio's lifecycle automatically, judge-gated. The DOS lifecycle gardener (SKP Axis 5, docs/207 Phase 5c).
Run /dos-dispatch on a recurring cadence, alternating with /dos-replan when the backlog drains — the dispatch→replan→dispatch cycle. The continue/stop/next-mode decision is the kernel's typed loop decision, not inline prose: each iteration is classified (`dos gate`) into a verdict and the loop's counters (drained-twice, the unclear/dirty-zero breakers, the iteration cap) drive the next step. Several loops on disjoint lanes run concurrently, each taking its own lane lease via `dos arbitrate`. Driven entirely by `dos` verbs + the workspace's `dos.toml`. The DOS reference loop workflow (SKP Axis 5).
End-to-end plan-and-ship for one lane — snapshot the portfolio with /dos-next-up, take a lane lease via `dos arbitrate` so parallel dispatches don't collide, gate the empty case via `dos gate`, ship the packet, and archive the run under the configured run dir. Driven entirely by `dos` verbs + the workspace's `dos.toml`; names no host path, lane, or commit convention. Use when you want to plan and ship the next batch on one lane in a single command, with concurrency safety. The DOS reference dispatch workflow (SKP Axis 5).
Run the DOS enforcement-policy self-tuning loop. Use when Codex should tune `[intervention_policy]`, `[intervention]`, or `[improve]` knobs from observed false-deny vs held-catch outcomes with `dos enforce-tune`, measuring candidates in an isolated worktree and keeping only kernel-witnessed improvements: suite green, truth clean, strict net_task_delta gain, and no runtime-logic edits. Driven by `dos` verbs and workspace `dos.toml`; escalate after repeated non-keeps. (docs/365).
Launch N independent headless worker instances in account-balanced waves, each armed with ONE goal whose "done" is gated on a witness the worker did not author — not on its own say-so. Each objective becomes one self-stopping child wired to `dos hook stop` (the `dos-goal-gate` discipline), co-launch safety comes from `dos arbitrate` over each child's file-tree, and every claimed ship is confirmed by `dos verify` / `dos commit-audit`, never by a transcript line. Driven by `dos` verbs and the workspace's own `dos.toml` — names no host path, runtime, model, or account mechanism. Use when an operator hands a context with several independent objectives and says "launch a worker per goal", "fire a wave of goal agents", or "run these N goals in parallel". The fan-OUT analogue of `dos-goal-gate` (one self-stopping leaf) and `dos-witness-claim` (the fold).
Matches all tools
Hooks run on every tool call, not just specific ones
Executes bash commands
Hook triggers when Bash tool is used
Own this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimOwn this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimBased on adoption, maintenance, documentation, and repository signals. Not a security audit or endorsement.
Executables (bin/) — files in this plugin's bin/directory are added to the Bash tool's PATH while the plugin is enabled.
Catch your AI agents when they lie about what they shipped.
📊 See it run on real repos: the scoreboard scores 15 popular AI-built repos (roborev, open-interpreter, crewAI, autogen, …) — how much agents wrote, which ones, and whether each commit's claim is backed by its own diff. Score yours:
dos commit-audit --sweep --workspace . BASE..HEAD.
The whole pitch in one recording: the agent claims two features shipped; git backs one.
dos verify answers from the commits, the lie exits 1, and a gate on that
exit code refuses the false "done". Every line is the real CLI's verbatim output —
scripts/build_caught_lie_cast.py re-records it whenever the output changes.
Run a fleet of agents on one repo. The left loop just feels like progress; the right one you can steer.
The only difference is a verdict DOS reads from the real world — here, git — never the agent's word.
An AI agent will tell you it finished. DOS checks the real world instead of
taking its word — and the nearest piece of the real world is your git history.
An agent says it shipped the login endpoint; did it? Run one command,
dos verify, and it answers from the artifacts the work left behind, not from
what the agent typed: a commit backs the claim → SHIPPED, exit 0; nothing
landed → NOT_SHIPPED, exit 1. The agent's story never enters into it. (Git
is just the first witness DOS reads; the file tree, the clock, a CI status, a
test environment's own state are others — anything the agent didn't author.)
dos verify AUTH AUTH1 # → SHIPPED AUTH AUTH1 e62f74d (exit 0)
dos verify AUTH AUTH2 # → NOT_SHIPPED AUTH AUTH2 (exit 1)
That's the smallest version. It scales up, too: point a dozen agents at one
repo — in CI, in a fleet, racing on the same files — and DOS also tells you
which ones are stepping on each other, which one is spinning in circles, and
which claim of "done" is real. Every answer comes from the artifacts (git, the
file tree, the clock), never the narration. It works on a plain git repo with
zero config and gets smarter the more you tell it, and the only thing you ever
install is one small Python package.
npx claudepluginhub anthony-chaudhary/dos-kernel --plugin dos-kernelAdjudicate every tool call like a syscall. fak's MCP server exposes capability-gated adjudication verbs so Claude Code can screen a proposed tool call, run one through the kernel, or quarantine a tool result before it enters context.
Plugin-safe Claude Code distribution of Antigravity Awesome Skills with 1,509 supported skills.
Core skills library for Claude Code: TDD, debugging, collaboration patterns, and proven techniques
Reliable automation, in-depth debugging, and performance analysis in Chrome using Chrome DevTools and Puppeteer
Supergraph enforces a complete, evidence-based coding pipeline — scan → plan → TDD → fix → verify → review — grounded in real codebase analysis at every step. It combines AST dependency graphs, LSP-level code intelligence, and a structured skill chain so Claude never guesses about impact before making a change.
v9.52.0 - Reliability wave: tangle contextual review correction loop with hard round ceiling, progress-supervised review rounds (per-agent stall watch, descendant-tree kills), council diversity and agy pin fixes, marketplace generator source-of-truth fix, provider troubleshooting runbook and cost-expectations docs. Run /octo:setup.
Superpowers Plus core skills library for Claude Code: planning, execution routing, TDD, debugging, and collaboration workflows
Claude harness - A harness for solo developers (Vibecoders) to handle full-cycle contract development.