Skip to content

v0.3.0 — pre-action hooks (priming → enforcement)

Choose a tag to compare

@anirudhprashant anirudhprashant released this 10 Jul 23:07

v0.3.0 — Make the agent less stupid, for real this time

v0.2.0's priming was 30–40% effective — the SKILL.md put hints in front of the agent's face, but the agent could still write a crontab entry without calling shadow_stale. v0.3.0 closes that gap with pre-action hooks that gate mutations at the OS level.

What's new

  • av hooks install deploys PATH-level wrappers around crontab and systemctl --user. After install, open a new terminal and any mutation is refused unless a vitals call has been made in the last 60 seconds.
  • Reads (crontab -l, systemctl status, etc.) always pass through. No friction.
  • Power management (reboot, poweroff, suspend) explicitly NOT gated — a stale stamp must never block a reboot.
  • Bypass for emergencies: VITALS_BYPASS=1 crontab -e.

Install

uv tool install --force --reinstall git+https://github.com/anirudhprashant/agent-vitals
av hooks install    # auto-appends PATH snippet to ~/.bashrc and ~/.zshrc
                    # open a new terminal

That's the whole setup. From now on:

$ crontab -e
  ⚡ agent-vitals hook: refused `crontab -e`

  reason:   vitals stamp is 5m12s old — exceeds 60s window.
  stamp:    5m12s ago

  refresh:  call any vitals tool or run `av doctor`
  bypass:   VITALS_BYPASS=1 crontab -e

Tests

104 unit tests covering:

  • Mutation detection for every crontab and systemctl arg combo (reads, mutations, bundled shorts, bundled -u, value-flags, power-mgmt carve-out)
  • Stamp behavior (touch, read, age, bypass, window, missing file)
  • Gate end-to-end with mocked real-binary
$ uv run python -m unittest tests.test_stamp tests.test_hooks
Ran 104 tests in 0.038s
OK

Subprocess integration tests are skipped — they fail under uv run because of env-var interaction with Typer subcommand routing. Same logic is fully covered by unit tests.

Stack

~1200 LOC of Python + 104 tests. typer + rich + pyyaml + mcp. MIT.

Anti-patterns now blocked at the OS level

  • ❌ Writing a crontab entry without verifying the target exists
  • ❌ Enabling a systemd service without first checking infrastructure health
  • ❌ Restarting services while 6 other sessions are already stuck
  • ❌ Claiming "all cron is fine" without calling shadow_stale

Links