nessos666/coding-tentacle

Coding Tentacle

πŸ™ Coding Tentacle v0.9.0

MIT License v0.9.0 Python 3.10+ Status Tests

Safety-first guardian layer that controls LLM code-fixing agents.
OpenCode writes fixes. CT analyzes, reviews, blocks danger, requires human approval, and learns from every run.


Why Coding Tentacle?

OpenCode, Codex, and Claude Code are brilliant at generating code. But they have zero safety guarantees. They can output DROP TABLE, eval(user_input), or rm -rf / — and nothing stops them.

Coding Tentacle sits in front of any LLM fix engine and acts as a guardian.

πŸ›‘οΈ Safety VETOBlocks dangerous patterns (SQL injection, eval, shell commands) β€” before execution. Base64 and HTML-encoded payloads are decoded and caught.
πŸ” SkepticBrainAdversarial review of every fix. "Why could this be wrong?" Risk score, objections, recommendation.
🧠 Self-LearningBLM stores every bug experience. EngineLearning calibrates trust per engine + bug type. Later runs get better context.
πŸ”— Engine RouterRoutes bugs to the best engine. OpenCode primary. Ollama fallback. Codex (API key needed). Bug-type-specific trust routing.
πŸ‘€ Human ApprovalEvery fix requires human APPROVE/REJECT/REQUEST_CHANGES. Safety VETO can NEVER be overridden β€” even by humans.
πŸ“Š Impact AnalysisPredicts which files, tests, skills, and procedures are affected by a change. Risk score before approval.

Architecture

                    ┌──────────────────────────┐
                    │    Coding Tentacle       │
                    │    ┌───────────────────┐ │
  Bug Report ──────►│    │  Safety VETO 🛡️   │ │
                    │    │  SkepticBrain 🔍  │ │
                    │    │  Engine Router 🔗 │ │
                    │    │  Trust Calibration│ │
                    │    │  Learning Loop 🧠 │ │
                    │    └───────┬───────────┘ │
                    │            │             │
                    │    APPROVE / REJECT      │
                    │    / REQUEST_CHANGES     │
                    └────────────┬─────────────┘
                                 │
                    ┌────────────▼─────────────┐
                    │   Fix Engines            │
                    │   ┌────────┐ ┌─────────┐ │
                    │   │OpenCode│ │ Ollama  │ │
                    │   └────────┘ └─────────┘ │
                    └──────────────────────────┘

Quick Start

git clone https://github.com/nessos666/coding-tentacle.git
cd coding-tentacle

# Verify everything works
python3 scripts/full_regression.py
# → ✅ RC2 ALL TESTS PASSED

# Analyze a bug with full pipeline
python3 -c "
from coding_tentacle.orchestrator.shadow_mode import ShadowModeRunner, GitHubIssueRun
from coding_tentacle.orchestrator.metabrain import MetaBrain, SafetyBrain
from coding_tentacle.safety.inhibitory_control import InhibitoryControl
from coding_tentacle.knowledge.security_store import create_seed_security_store
from coding_tentacle.orchestrator.engine_router import EngineRouter
from coding_tentacle.orchestrator.skeptic_brain import SkepticBrain
from coding_tentacle.safety.approval_gate import ApprovalGate

sec = create_seed_security_store()
ic = InhibitoryControl(security_store=sec)
safety = SafetyBrain(ic=ic, security_store=sec)
mb = MetaBrain(safety=safety)
er = EngineRouter(); er.check_health()
sb = SkepticBrain(); ag = ApprovalGate()

runner = ShadowModeRunner(meta_brain=mb, engine_router=er,
                          approval_gate=ag, skeptic_brain=sb,
                          safety_brain=safety)

r = runner.analyze_issue(GitHubIssueRun(
    'https://github.com/user/repo', '#1',
    'NullPointer in views.py',
    'NoneType has no attribute at line 42'))

print(f'Bug Type: {r.detected_bug_type}')
print(f'Engine:   {r.engine_used}')
print(f'Safety:   {\"BLOCKED\" if r.safety_events else \"OK\"}')
print(f'Skeptic:  risk={r.skeptic_risk:.2f} {r.skeptic_recommendation}')
print(f'Approval: {r.approval_status}')
print(f'BLM:      {\"Learned\" if r.blm_written else \"Error: \" + r.blm_error}')
"

Combinations

| CT with | Result |
|---|---|
| CT + OpenCode | ✅ Recommended. OpenCode (deepseek-v4-pro) generates the fix. CT reviews it and learns. |
| CT + Claude Code | ✅ Top-tier. Claude Code (2.1.86), as an alternative to OpenCode. |
| CT + Ollama | 🔵 Fallback. granite3.2-vision running locally. Slower, works offline. |
| CT + Codex | ⚠️ Requires an OpenAI API key. |
| CT alone | ❌ Classifies bugs, generates template fixes (no real repair). |

What happens in the background?

1. Bug → CT classifies it (18 types)
2. Safety check: DROP TABLE? eval()? → BLOCK
3. EngineRouter selects OpenCode/Ollama
4. Engine generates a real code diff
5. CT scans the diff for dangers (Base64/HTML-decoded)
6. SkepticBrain: "Why could this be wrong?"
7. Sandbox tests in isolation (originals UNCHANGED)
8. HumanApprovalGate: APPROVE/REJECT/REQUEST_CHANGES
9. BLM stores the experience, EngineLearning calibrates trust
10. The next bug gets similar experiences in its prompt
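
The diff scan and the non-overridable veto from the steps above, sketched as an added example (this is not Coding Tentacle's own code). The names `RULES`, `decoded_views`, `scan_diff` and `decide`, the three patterns and the sample diff are assumptions constructed for illustration.

```python
import base64
import html
import re

# Illustrative rules only; the project's real rule set is not shown on this page.
RULES = {
    "sql_drop": re.compile(r"\bDROP\s+TABLE\b", re.I),
    "eval": re.compile(r"\beval\s*\("),
    "shell": re.compile(r"\b(?:os\.)?system\s*\(|\brm\s+-rf\b"),
}
B64_TOKEN = re.compile(r"[A-Za-z0-9+/]{16,}={0,2}")

def decoded_views(text, max_depth=2):
    """Yield the text plus its HTML-unescaped and Base64-decoded variants."""
    seen, stack = set(), [(text, 0)]
    while stack:
        cur, depth = stack.pop()
        if cur in seen:
            continue
        seen.add(cur)
        yield cur
        if depth < max_depth:
            stack.append((html.unescape(cur), depth + 1))
            for token in B64_TOKEN.findall(cur):
                try:
                    raw = base64.b64decode(token, validate=True)
                    stack.append((raw.decode("utf-8"), depth + 1))
                except ValueError:
                    pass  # not Base64-encoded UTF-8 text, ignore

def scan_diff(diff):
    """Return the sorted rule names hit by the added ('+') lines of a diff."""
    added = "\n".join(line[1:] for line in diff.splitlines()
                      if line.startswith("+") and not line.startswith("+++"))
    return sorted({name for view in decoded_views(added)
                   for name, rx in RULES.items() if rx.search(view)})

def decide(diff, human_decision):
    """A safety hit blocks the fix whatever the human reviewer chose."""
    hits = scan_diff(diff)
    return ("BLOCKED" if hits else human_decision), hits

# Constructed sample diff: one Base64-wrapped and one HTML-encoded payload.
_B64 = base64.b64encode(b"DROP TABLE users;").decode()
SAMPLE_DIFF = (
    "--- a/views.py\n+++ b/views.py\n@@ -40,2 +40,3 @@\n"
    f'+    cur.execute(base64.b64decode("{_B64}").decode())\n'
    "+    label = 'eval&#40;user_input&#41;'\n"
)
```

Neither payload in `SAMPLE_DIFF` matches a rule in its raw form; both are caught only after decoding, and `decide(SAMPLE_DIFF, "APPROVE")` still returns `BLOCKED`.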

Pipeline (Shadow Mode)

  GitHub Issue
      │
      ▼
  ┌──────────────┐
  │ Classifier   │  18 bug types, 100% accuracy
  └──────┬───────┘
         ▼
  ┌──────────────┐
  │ SafetyBrain  │  VETO: DROP TABLE, eval(), system() → BLOCKED
  └──────┬───────┘
         ▼
  ┌──────────────┐
  │ EngineRouter │  OpenCode primary, Ollama fallback
  └──────┬───────┘
         ▼
  ┌──────────────┐
  │ Fix Engine   │  Generates real code diff
  └──────┬───────┘
         ▼
  ┌──────────────┐
  │ Safety scan  │  Scans engine output for dangerous patterns
  └──────┬───────┘
         ▼
  ┌──────────────┐
  │ SkepticBrain │  "Why could this fix be WRONG?"
  └──────┬───────┘
         ▼
  ┌──────────────┐
  │ Sandbox      │  Isolated test. Original files NEVER touched.
  └──────┬───────┘
         ▼
  ┌──────────────┐
  │ ApprovalGate │  APPROVE / REJECT / REQUEST_CHANGES
  └──────┬───────┘
         ▼
  ┌──────────────┐
  │ BLM + Trust  │  Store experience + update engine trust
  └──────────────┘

CT vs The World

| Feature | CT | Codex | Devin | Claude Code | OpenHands |
|---|---|---|---|---|---|
| Safety VETO | ✅ | ❌ | ❌ | ❌ | ❌ |
| SkepticBrain | ✅ | ❌ | ❌ | ❌ | ❌ |
| Bayesian Trust | ✅ | ❌ | ❌ | ❌ | ❌ |
| Human Approval | ✅ | ⚠️ | ⚠️ | ⚠️ | ❌ |
| Self-Learning | ✅ | ❌ | ❌ | ❌ | ❌ |
| Bug Classification | ✅ | ❌ | ❌ | ❌ | ❌ |
| Engine Router | ✅ | ❌ | ❌ | ❌ | ⚠️ |
| Impact Analysis | ✅ | ❌ | ❌ | ❌ | ❌ |
| Open Source | ✅ | ❌ | ❌ | ❌ | ✅ |
| Cost/Task | $0 | $12 | $500/mo | $20 | $0 |
| SWE-bench | N/A | 88.7% | 87% | 95.5% | 65% |

CT is not a competitor. CT is the safety layer that controls them.


What CT Is NOT

  • ❌ Not a replacement for Codex, Devin, or Claude Code
  • ❌ Not an autonomous bug fixer (requires OpenCode/Ollama for code generation)
  • ❌ Not production-ready (Research / Shadow Release)

What CT IS

  • ✅ Safety-first guardian that controls LLM fix engines
  • ✅ Self-learning bug analysis system
  • ✅ The only agent with Safety VETO + SkepticBrain + Bayesian Trust
  • ✅ 100% open source, zero API costs

Requirements

  • Python 3.10+
  • OpenCode CLI (opencode) — for actual code fixing
  • Ollama + granite3.2-vision — for local fallback
  • No API keys required

License

MIT — free, open source, no restrictions.

Built by David + Hermes. June 2026. 🦑
