The Harness
6 components. 9 gates. Zero shortcuts. Agent = Model + Harness.
Level 1: Process Rules
Agent remembers rules from AGENTS.md. Load-bearing for simple tasks, but fails when attention drifts.
Level 2: Visible Manifest (Guardian Pattern)
Before any mutation (commit, push, merge, rebase), the agent must present a DECISION POINT block, explain rationale, and wait for explicit approval. Invalid responses like "ok" and "continue" are rejected.
Level 3: Time-Window Approval
The commit-msg hook v5 verifies that a .git/COMMIT_APPROVED file exists, is less than 5 minutes old, and matches the commit message. No SHA256 tokens, no hash math. The agent writes this file only after user says "yes commit" in chat.
Level 4: Manifest Gate
Before a commit approval can be written, a manifest file must exist at .git/COMMIT_MANIFEST. The agent MUST write this file before running commit-approval.sh. This prevents committing without presenting changes.
Pre-Commit Gates (v8)
The pre-commit hook runs 9 checks before every commit:
- Branch check — not on detached HEAD
- Staged changes — something is staged
- Remote sync — no unpulled remote changes
- HTML integrity — staged HTML files have required structural markers
- Skill gate — skills were consulted before implementation
- Build verification — shell scripts have valid syntax
- Anti-slop — no generic AI-generated patterns detected
- Debug tracking — fix/debug commits tracked, escalates at 3
- PROGRESS_STATUS validation — skill table must match file system
The Harness Architecture
A harness is the mechanical infrastructure that enforces agent behavior. This project implements 6 harness components that turn "please follow the rules" into "you literally cannot break them":
- 1. Instructions & Rules — AGENTS.md, SOUL.md, STEERING-GUIDE.md.
- 2. Tools — 55 skills loaded on demand via skill gate.
- 3. Sandboxes & Execution — Terminal, git workspace, CI.
- 4. Orchestration — skill-gate.sh, init-agents.sh, multi-agent patterns.
- 5. Guardrails & Hooks — Pre-commit v8 (9 gates), commit-msg v6, commit-approval.sh.
- 6. Observability — project-metrics, HEALTH-CHECK.md, PROGRESS_STATUS.md.
Incident History
Three Rule 12 violations in 48 hours produced three levels of enforcement:
- INCIDENT_001: Agent committed without approval → Added visible manifest requirement
- INCIDENT_002: Agent bypassed manifest → Added time-window approval (replaced SHA256 tokens)
- INCIDENT_003: Agent generated tokens without real approval → Added mandatory manifest gate
Honest Limitations
These gates create friction, not guarantees. The hooks enforce git operations, but cannot prevent the agent from generating tokens without presenting the manifest, interpreting ambiguous responses as approval, or pushing without asking. The human must stay alert.
Scripts Reference
Key scripts that enforce the workflow:
| Script | Purpose |
|---|---|
commit-approval.sh | Write commit approval (requires manifest, time-window checked) |
edit-guard.sh | Verify file structural integrity |
pre-flight.sh | Check git state before editing |
skill-gate.sh | Verify skills were consulted |