/projects/proofloop
Proofloop
A Bun CLI that runs Claude and Codex as a paired worker/reviewer — turning prompts into reviewed plans and refusing to finish until proof and an adversarial security gate pass.
/projects/proofloop
A Bun CLI that runs Claude and Codex as a paired worker/reviewer — turning prompts into reviewed plans and refusing to finish until proof and an adversarial security gate pass.
AI coding agents can produce plausible changes without proof, review, or adversarial pressure. In real engineering work, completion should depend on evidence and quality gates, not just model confidence.
Proofloop pairs Claude and Codex as worker/reviewer roles in a Bun CLI, requiring plans, quality commands, proof artifacts, security review, resume manifests, and draft PR preparation.
The system has to coordinate multiple agents, terminal sessions, git state, review artifacts, and failure recovery while keeping the loop usable as a developer tool rather than a research toy.
Proofloop operationalizes proof-driven agent development: the workflow refuses to finish until review and verification artifacts exist, making evidence a first-class output.
This shows Stefan's depth in agent harness design, multi-agent review loops, CLI ergonomics, git automation, security gates, proof discipline, and developer workflow architecture.
Proofloop is a safety harness for AI coding work. It treats plans, review, terminal evidence, security critique, resume state, and PR packaging as part of the product, not optional ceremony.
Pairing worker and reviewer roles creates deliberate friction. One model can implement while another challenges assumptions, asks for proof, and catches risks before the run claims completion.
The workflow requires quality commands, artifacts, and review outputs before completion. That makes the agent accountable to observable evidence rather than self-reported confidence.
Detached sessions and resume manifests matter for real coding tasks because agent work can run long, fail midway, or need inspection after interruption.
Draft PR creation keeps the human in charge of shipping while still turning verified agent output into a reviewable software-delivery artifact.
Chosen for a fast single-binary CLI that can install, run, and update with little ceremony.
Keeps the run manifest, options, gates, and agent state explicit across a complex CLI flow.
Claude is useful as a reviewer or worker because it is strong at critique, plans, and long-context code review.
Codex gives the loop a second implementation and review path instead of relying on one model family.
Detached sessions make long agent runs inspectable and resumable without tying up the main terminal.
Worktrees isolate each run so the agent can work without contaminating the user's current branch.
Draft PR support turns a proven run into something a human can review and merge.
Keeps formatting and lint checks fast enough to run inside the proof loop.
Starts a paired worker/reviewer run from a prompt, file, or proof requirement.
Has the non-primary model sanity-check PLAN.md before implementation begins.
Lets the operator choose Claude, Codex, paired mode, or single-agent execution.
Lets the worker and reviewer coordinate directly instead of routing every critique through the user.
Runs check, typecheck, test, and build commands as completion evidence.
Blocks completion until security and performance risks are pressure-tested.
Persists run state and transcripts so interrupted work can continue.
Packages the verified change set for human review without silently shipping it.