by clay-good
Deterministic, local-first memory and guardrails for AI coding agents with no LLM in the hot path.
# Add to your Claude Code skills
git clone https://github.com/clay-good/OpenLoreLast scanned: 5/30/2026
{
"issues": [],
"status": "PASSED",
"scannedAt": "2026-05-30T16:14:40.388Z",
"npmAuditRan": true,
"pipAuditRan": true
}OpenLore is an open-source ai agents skill for AI coding assistants such as Claude Code, Codex CLI, and ChatGPT, built by clay-good. Deterministic, local-first memory and guardrails for AI coding agents with no LLM in the hot path. It has 186 GitHub stars.
Yes. OpenLore passed SkillsLLM's automated security scan — a dependency vulnerability audit plus prompt-injection heuristics — with no high-severity issues. You can read the full report in the Security Report section on this page.
Clone the repository with "git clone https://github.com/clay-good/OpenLore" and add it to your Claude Code skills directory (see the Installation section above).
OpenLore is primarily written in TypeScript. It is open-source under clay-good on GitHub, so you can review or fork the full source.
Yes. SkillsLLM lists many other AI Agents skills you can browse and compare side by side. Open the AI Agents category from the badge at the top of this page, or use the Related Skills and comparison links further down to weigh OpenLore against similar tools.
No comments yet. Be the first to share your thoughts!
AI coding agents are powerful but amnesiac and ungoverned. Every task starts by re-reading the same files to rediscover structure; every long session quietly drifts toward confident-but-stale assumptions; and nothing tells the agent when a change is about to break a contract, cross an architectural boundary, or open a path into sensitive code.
OpenLore fixes both halves. It runs a one-time static analysis of your codebase and keeps a navigable knowledge graph — call structure, types, tests, decisions, IaC, and spec drift — incrementally fresh as you edit. Agents query it through MCP tools (or the CLI) to start every task already oriented, and to certify a change before it lands. It is deterministic and local-first — no LLM in the hot path — so the same question returns the same grounded answer, and an agent is told when a fact has gone stale instead of served a confident guess.
npm install -g openlore && openlore install
That one command auto-detects your agent (Claude Code, Cursor, Cline, Continue, AGENTS.md), wires it to call orient() automatically, registers the MCP server, and builds the index — no API key, no config, no questions asked. Then ask your agent:
orient("add a payment method")
…and it begins the task already knowing the relevant functions, their callers, the matching specs, the tests, and the risk of changing each one — in a single call. Full setup, variants, and verification: 5-Minute Quickstart.
Zero config, everything discoverable. Core value needs no keys. To see every opt-in capability — embeddings, covering surfaces, the commit gate, the spec store, and more — whether each is active, and the one command to turn it on, run
openlore features.
OpenLore does two things for an agent, both deterministic and local — it remembers your architecture so every task starts oriented, and it governs what the agent changes before the change lands.
🧠 Memory — start every task already oriented
orient() once; agents stop re-deriving the system from dozens of file reads, across sessions. Anchored notes and decisions survive refactors: a renamed or moved symbol carries its memory forward at the next analyze (with carriedAcross provenance) instead of orphaning it.orient(task) returns the relevant functions, their callers, matching spec sections, and insertion-point candidates in a single call. ~430µs p50 on a 15k-node graph.parseConfig() — which tests should I run?" by backward call-graph reachability; cross-language mark-and-sweep finds what's dead, confidence-tagged, never deletion authority.🛡️ Governance — guardrails on what the agent changes
change_impact_certificate flags when a diff newly opens a path into a sensitive boundary you declared (reachable after the change but not before) — differential, deterministic, no LLM.certify_public_surface classifies every changed export breaking / non-breaking / potentially-breaking over a diff and names the in-repo consumers each break hits; conservative by construction, never silently "safe".check_architecture answers "may a file under A import B?" against your declared layer/forbidden rules before the import is written — cross-language.verify_claim returns a deterministic confirmed / refuted / unverifiable verdict with a citation receipt before an agent asserts "X is dead" or "Y is safe to change".openlore enforce resolves every governance finding through your enforcement.policy and blocks only on what you class blocking (advisory by default, no API key). Decisions are recorded, gated, and synced into living specs; spec/code drift detected in milliseconds.📊 Honest by construction — −26% agent round-trips on deep traces in large repos, with the losses published next to the wins; every public claim traces to a command you can run. Pure static analysis: no API key, no network, same answer every time.
{
"functions": [
{
"name": "processPayment",
"file": "src/payments/processor.ts",
"risk": "medium",
"fanIn": 4,
"callers": ["handleCheckout", "retryFailedCharge"],
"callType": "direct"
},
{
"name": "validateCard",
"file": "src/payments/validator.ts",
"risk": "low",
"fanIn": 1,
"testedBy": [{ "name": "validateCard.test.ts", "confidence": "called" }]
}
],
"specDomains": ["payments — §CardValidation, §PaymentFlow"],
"insertionPoints": [
"src/payments/processor.ts:87 — after existing charge logic"
],
"callPath": "POST /charge → handleCheckout → processPayment → validateCard → stripeClient.charge"
}
The agent knows exactly where to look, what it touches, and what risks to consider — before reading a single file.
openlore impact-certificate --base main # does my diff open a new path into a declared sensitive boundary?
openlore certify-public-surface --base main # did I break a consumer's public API contract?
openlore blast-radius # callers/layers touched, tests to run, specs & decisions that drift
openlore enforce --hook # one gate; blocks only on findings you've classed `blocking`
No LLM, no API key — the same grounded answer every run. Advisory by default; you opt into blocking per finding.
OpenLore only earns its place if an agent with it reaches a correct answer for less total cost than the same agent without it. We measure that inequality and publish it — wins and losses. Numbers are from the Spec 14 agent benchmark (claude -p, sonnet, N=4 medians, pinned SHAs, --strict-mcp-config isolating each arm), measured 2026-06-01.
| Scenario (task × repo) | Cost Δ | Round-trips Δ | Correctness | Verdict |
|---|---|---|---|---|
| Large/unfamiliar repo · deep "how does X flow through Y" (its target) | −7% to −21% | −26% | 100% = 100% | ✅ helps — and the win grows with repo size |
| Small/familiar repo · shallow "who calls X" | task-dependent (Round 1: +43%) | +38% | 100% = 100% | ❌ often adds overhead — measure |