Known Issue — Windows Users: Some users on the latest version of Claude Code may experience issues with Claude tabs not opening correctly. If this happens, click the drop-down arrow next to "Uninstall" in the Extensions panel, select "Install Another Version...", and try recent older versions until you find one that works. This is a Claude Code issue, not a Mault issue — we're tracking it.
Mault
Ship fast. Without the chaos.
End-to-end governance for AI-assisted development.
- Multi-Agent Flows — orchestrate AI agents with isolation and enforcement
- Production Readiness — 9-step journey from "runs locally" to production-ready
- Technical Debt Detection — real-time architectural monitoring across your codebase
Physics, not policy. Hooks that block, not prompts that suggest.
Install Free | Upgrade to Pro ($99 + $7.99/mo)
Requires VS Code + Claude Code for multi-agent workflows. Detectors and Production Readiness Kit work with any AI assistant.
The Problem
You can ship a fleet of AI agents at your codebase. But without guardrails, they:
- Collide — two agents edit the same file, one overwrites the other
- Drift — agents ignore architectural conventions the moment context expires
- Escalate — an agent merges its own PR, ships untested code, and moves on
The fix isn't better prompts. Agents ignore documentation. The fix is enforcement at the tool level: hooks that block file writes outside declared zones, gates that prevent merging without CI, and budgets that cap how much any single agent can change.
Mault solves this with physics: errors agents cannot bypass, not guidelines they can ignore.
Multi-Agent Flows [Pro]
Guided multi-agent workflows with role separation, worktree isolation, and pull-based task scheduling. Each role has minimum-permission allowlists enforced by Claude Code's hooks system — agents can only do what their role permits.
Tested for TypeScript/JavaScript and Python. Requires VS Code + Claude Code with bypass permissions enabled.
Who this is for:
- Vibe coders who want AI to do the heavy lifting but don't trust fully autonomous flows
- Teams that require senior-level code reviews before anything hits main
- Non-technical founders who need guided testing and verification they can follow
- Solo developers who want to ship faster without sacrificing quality
The 7-Role Handoff Chain
PLANNER ──► ORCHESTRATOR ──► WORKER(s) ──► REVIEW ──► TESTER ──► COMPLIANCE
Step 1 Step 2 Step 3 Step 4 Step 5 Step 6
│ │ │ │ │ │
plan.md issues + PRs with merged quality audit
delegation-map mault-ready to main report report
SUPERVISOR — Escape hatch. Unrestricted access for blocked workflows (mault-escalation).
Click a role in the Mault Panel. Settings are written, a Claude Code tab opens with the prompt auto-submitted. Zero friction — no manual config, no copy-pasting prompts, no remembering which agent does what.
| Role |
What It Does |
Cannot Do |
| Planner |
Builds a plan WITH you — you approve every decision |
Write code, create issues, modify files outside .mault/ |
| Orchestrator |
Creates atomic GitHub issues with zones, budgets, and dependency ordering |
Write code, create PRs, push branches |
| Worker |
Picks up issues, writes code via TDD, creates PRs labeled mault-ready |
Merge PRs, push to main, exceed zone/budget |
| Review Agent |
Merges PRs when all CI passes, routes failures back to Worker |
Create PRs, write code |
| Tester |
Runs tests, generates manual test plans, verifies merged work |
Modify source code, install packages |
| Compliance |
Audits the completed cycle for policy adherence and retention |
Modify code or merge PRs |
| Supervisor |
Escalation handler — unrestricted access for blocked workflows |
N/A (escape hatch) |
Isolation — How Agents Can't Interfere
The hardest problem in multi-agent development isn't generating code — it's preventing agents from stepping on each other. Mault solves this with five layers of physical isolation:
Five layers prevent agent collision:
| Layer |
Mechanism |
What It Prevents |
| Atomic Tasking |
One issue = one branch = one PR |
Scope creep, tangled changes |
| Worktree Sharding |
Each worker gets its own git worktree |
File-level collisions between agents |
| PID Identity |
.mault/sessions/{pid}.json per agent |
State corruption between concurrent sessions |
| Preauth Sessions |
Sessions created before tabs open |
Race conditions during agent startup |
| Pull-Based Queue |
Workers self-select from shared issue pool |
Static assignment bottlenecks |
Worker Isolation (Worktree Sharding)
MAIN WORKSPACE WORKTREE SLOTS
┌─────────────────┐
│ main branch │ ┌──────────────────────────────┐
│ .mault/ │ │ ../mault-worker-a/ │
│ .claude/ │ │ feat/101-sprint-state │
│ │ │ (Worker 1's branch) │
│ NOT for coding │ └──────────────────────────────┘
│ Orchestrator & │ ┌──────────────────────────────┐
│ Review Agent │ │ ../mault-worker-b/ │
│ work here │ │ feat/102-toggle-ux │
└─────────────────┘ │ (Worker 2's branch) │
└──────────────────────────────┘
Workers CANNOT interfere. Each has its own git working tree.
Worker and review tabs automatically route to their worktree CWD.
Pull-Queue Model (Self-Balancing)
No static task assignment. Workers pull from a shared issue pool on GitHub, gated by dependency ordering:
SHARED ISSUE POOL (GitHub)
seq-0: [#101](https://github.com/nootan-ai/mault-memory-layer/issues/101) [open] [#102](https://github.com/nootan-ai/mault-memory-layer/issues/102) [open] [#105](https://github.com/nootan-ai/mault-memory-layer/issues/105) [open]
seq-1: [#103](https://github.com/nootan-ai/mault-memory-layer/issues/103) [open] (blocked until seq-0 closed)
seq-2: [#104](https://github.com/nootan-ai/mault-memory-layer/issues/104) [open] (blocked until seq-1 closed)
│ │
WORKER A WORKER B
pulls [#101](https://github.com/nootan-ai/mault-memory-layer/issues/101) pulls [#102](https://github.com/nootan-ai/mault-memory-layer/issues/102)
FINISHES → FINISHES →
pulls [#105](https://github.com/nootan-ai/mault-memory-layer/issues/105) pulls [#103](https://github.com/nootan-ai/mault-memory-layer/issues/103) (seq-1 unlocked)
SELF-BALANCING: Fastest worker gets next task. No static assignment.
The orchestrator assigns sequence numbers (mault-seq-N) for dependency ordering. Workers scan seq-0 first, then seq-1 when all seq-0 tasks close, and so on. Race conditions are handled by post-claim verification.
Runtime Enforcement — 9 Hooks
These hooks run automatically during managed agent sessions. They are the "physics" layer — agents cannot bypass them, ignore them, or reason their way around them.
| Hook |
Trigger |
What It Enforces |
| Agent Bootstrap |
SessionStart |
Injects task boundaries, fix-first warnings, preauth claim flow |
| Zone Boundary |
PreToolUse |
Blocks file writes outside declared zone |
| Budget Gate |
PostToolUse |
Warns at 80%, blocks at 100% of file/LOC budget |
| Role Permission |
PreToolUse |
Workers can't merge, orchestrators can't push, planners can't write code |
| Receipt Gate |
Stop |
Blocks session end without structured completion receipt |
| Review Completion |
Stop |
Blocks review agent exit without Sentry post-merge check |
| Queue Gate |
SessionStart |
Workers verify zone availability and dependency ordering |
| CWD Ownership |
SessionStart |
Ensures agent tabs open in the correct worktree CWD |
| Preauth Session |
SessionStart |
Creates session identity before tab opens — zero-friction startup |
All hooks fail-open outside managed sessions — safe to use alongside normal development. The hooks are composable and only activate when .mault/current-task.json exists.
Completion Chime
Switch focus while agents work on 10-20 minute tasks. When a step completes, you hear a system beep and see a VS Code notification with:
- Which role just finished
- A brief summary of what was accomplished
- Which step to click next
Works on Windows (PowerShell), macOS (osascript), and Linux (paplay/spd-say). Disable with mault.sound.enabled in VS Code settings.
The Full Flow
Click "Step 1: Planner" in Mault Panel
│
▼
PLANNER ── builds plan with you ── writes .mault/plan.md
│ 🔔 Chime → "Next: Step 2 Orchestrator"
▼
ORCHESTRATOR ── creates GitHub issues from plan
│ 🔔 Chime → "Next: Step 3 Worker"
▼
WORKER ── picks up issues, writes code, creates PRs
│ 🔔 Chime → "Next: Step 4 Review Agent"
▼
REVIEW AGENT ── merges PRs when CI is green
│
├── Open tasks remain? → "Go back to Step 3: Worker"
└── All done? → "Next: Step 5 Tester"
│
▼
TESTER ── runs tests, verifies everything works
│
├── Tests pass? → COMPLIANCE ── audits the cycle → 🎉 Done!
└── Tests fail? → Loop: Worker → Review → Tester
Fully-Autonomous Mode [Experimental]
Same roles, same isolation, same enforcement. Agents hand off automatically without human clicks. Coming soon for community testing.
Production Readiness Kit [Pro]
A structured 9-step journey that takes your project from "runs locally" to production-ready. AI reads the spec and generates language-specific scripts for your stack.
Production Readiness Levels
| Level |
Name |
What It Means |
| 0 |
Runs locally |
Just code — works on your machine |
| 1 |
Reproducible |
Someone else can run it (requirements.txt, .env.example) |
| 2 |
Portable |
Runs in a container (Dockerfile, docker-compose.yml) |
| 3 |
Deployed |
Runs in the cloud (CI/CD pipeline, cloud config) |
| 4 |
Reliable |
Stays running (health checks, logging, rollback) |
The Kit takes you from Level 0 → Level 4.
The 9 Steps
| Step |
Category |
What It Creates |
| 1 |
Infrastructure |
Git repository, .gitignore, branch conventions |
| 2 |
Infrastructure |
.env.example, secrets management |
| 3 |
Infrastructure |
Dockerfile, docker-compose.yml |
| 4 |
Infrastructure |
CI/CD pipeline (GitHub Actions) |
| 5 |
Testing |
TDD framework (Jest/pytest/go test/JUnit) |
| 6 |
Hooks |
Pre-commit hooks (up to 9 layers) |
| 7 |
Enforcement |
Mault polyglot detectors + drift detection |
| 8 |
Governance |
AI-generated governance scripts + baselines |
| 9 |
Testing Rules |
AI coder testing rules (.cursorrules, copilot-instructions) |
Getting started:
- Purchase Pro via the extension or mault.ai/billing
- Run command "Mault: Open Production Readiness Kit (Pro)"
- Copy the setup prompt into your AI coding assistant (Claude Code, Cursor, Copilot, ChatGPT)
- Watch progress in the Problems Panel (
Ctrl+Shift+M) — each step clears as it completes
- Use Quick Fix actions (lightbulb /
Ctrl+.) on each step for AI-ready prompts
Steps 1-3 and Step 9 are available FREE in Core. Steps 4-8 require Pro.
Language support: Fully tested with TypeScript/JavaScript and Python. Pro step templates available for Go, Rust, Java, .NET, C++, Swift, and Julia (AI-generated, not yet fully tested).
Philosophy Guides (14 included)
The Kit includes battle-tested philosophy guides that explain the why behind enforcement. AI coders read these and generate language-specific governance scripts:
- Rising Tide — tests >2x source size = mock tax, convert to integration test
- Iron Dome — type-safety holes (
any, type: ignore) can only decrease, never increase
- TDD — red-green-refactor with Pure Core pattern for testable business logic
- Ratchet Strategy — count violations, set baseline, block increases. Quality only improves.
Every rule is enforced as physics: error blocks the commit, warn is just a suggestion.
For Existing Projects
Same setup process, but AI detects what already exists. Has Git? Skip Step 1. Has Dockerfile? Skip Step 3. Has pre-commit? Skip Step 6. The Rising Tide model grandfathers existing issues while blocking new ones.
Governance Gate CI [Pro]
A GitHub Actions workflow that enforces Mault governance rules in CI. It runs automatically on pull requests and blocks merges that introduce architectural violations.
- Detects your project's language stack (9 stacks supported: Node, Python, Go, Java, Rust, C#/.NET, C++, Swift, Julia)
- Runs Mault detectors as CI checks
- Blocks PRs that introduce new violations (rising-tide model)
- Integrates with branch protection rules
The Governance Gate is configured automatically during Step 8 of the Production Readiness Kit.
Technical Debt Detection [Core + Pro]
Real-time architectural detectors that surface violations in the VS Code Problems panel. Each finding includes a context-rich AI prompt you can copy into any assistant. Detectors work with any AI coding assistant — Cursor, Copilot, Claude, ChatGPT, Windsurf.
Detectors are polyglot by default (file/folder pattern matching). Advanced detectors use import analysis (JS/TS) or AST analysis (JS/TS, Python) for deeper inspection.
What it catches:
| Example |
Detector |
| Files placed in wrong directories |
Directory Reinforcement |
| Deprecated libraries or APIs still in use |
Legacy Path Prevention |
| Inconsistent naming (camelCase vs snake_case) |
Convention Reinforcement |
| OS-specific paths that break cross-platform |
Environment Reinforcement |
| Too many files in source root without structure |
Flat Architecture |
| Versioned duplicates (_v1, _backup, _old) |
File Proliferation |
| Files/functions exceeding LOC thresholds |
Monolith Detection |
| Source files without tests in correct pyramid layer |
Missing Test Detection |
| Vulnerable or outdated npm packages |
Dependency Health |
...and more. See DETECTORS.md for the full list with technical flow charts.
Runtime Hooks: Core vs Pro
Core hooks use simple pattern matching — effective for basic TDD enforcement. Pro hooks understand your project's testing architecture: adapters need adapter-verification tests, detectors need behavioral tests, commands need gold-standard tests.
| Feature |
Core (Free) |
Pro |
| Implementation |
3 bash one-liners |
5 Node.js scripts with layer awareness |
| Test Gate |
Blocks edits if no test file exists (glob match) |
Routes to correct pyramid layer (pure-core, adapter, behavioral, gold-standard, event-flow) |
| Size Gate |
Blocks files >600 LOC |
Warn >300, fail >600, functions >75, files >20KB |
| Stop Gate |
Runs test suite at session end |
Parses transcript, verifies every modified file has correct test type |
| Session Context |
— |
Injects full testing pyramid convention table |
| Hard-Coded Values |
— |
Scans for hard-coded URLs, IPs, ports, semver |
Works with any AI assistant. Claude Code gets hook enforcement. Cursor, Copilot, Windsurf, and ChatGPT get equivalent enforcement through the Problems Panel via Monolith Detection and Missing Test Detection.
For agents without Claude Code hooks: The Monolith Detection and Missing Test Detection detectors provide equivalent enforcement through the Problems Panel, ensuring that testing rules Mault helps you write (Steps 5 and 9) are enforced regardless of which AI coding assistant you use.
Enforcement Spectrum
Mault escalates enforcement from gentle nudges to hard blocks:
LEVEL 1 LEVEL 2 LEVEL 3 LEVEL 4
┌──────────┐ ┌──────────────┐ ┌──────────────┐ ┌──────────────┐
│ warn │ → │ error │ → │ CI block │ → │ hook deny │
│(Problems │ │(blocks save) │ │(blocks merge)│ │(blocks agent)│
│ Panel) │ │ │ │ │ │ │
└──────────┘ └──────────────┘ └──────────────┘ └──────────────┘
suggestion cannot ignore cannot merge cannot proceed
Choose your detection level: Gentle (3 detectors), Balanced (10 detectors), or Full (all detectors). Ratchets ensure quality only improves — existing issues are grandfathered, new issues are blocked.
Pricing
| Tier |
Price |
Includes |
| Core |
FREE forever |
Architectural detectors, AI prompts, quick fixes, basic runtime hooks |
| Pro |
$99 + $7.99/mo |
All Core + Multi-Agent Flows, Production Readiness Kit, advanced hooks, Governance Gate CI |
Pro Pricing Model:
- $99 one-time activation unlocks Pro features
- 30-day grace period included
- $7.99/month subscription required after grace period
- If subscription lapses, you return to Core FREE — no lock-in
Purchase Pro ($99) | Manage Billing
Getting Started
- Install Mault from the VS Code Marketplace
- Initialize — run
Mault: Initialize from the Command Palette (Ctrl+Shift+P)
- Create rulebook — add
docs/mault.yaml (version: 1) to your workspace
- Choose your path:
- Core (free) — detectors activate immediately, findings appear in Problems panel
- Pro — run "Mault: Open Production Readiness Kit (Pro)" and follow the 9-step journey
- Multi-Agent — complete all 9 Pro steps, then click roles in the Mault Panel sidebar
Requirements & Commands
Requirements:
- VS Code 1.96+
- Workspace containing
docs/mault.yaml (version: 1)
- Trusted workspace for full functionality
- Claude Code required for multi-agent workflows and runtime hooks
Key Commands (Command Palette: Ctrl+Shift+P / Cmd+Shift+P):
| Command |
Description |
Mault: Initialize |
Initialize Mault in the workspace |
Mault: Set Detection Level |
Choose Gentle (1), Balanced (2), or Full (3) |
Mault: Copy Prompt to Fix |
Copy AI-ready prompt for selected finding |
Mault: Refresh Mault Panel |
Re-run all detectors and refresh findings |
Mault: Open Production Readiness Kit (Pro) |
Open the 9-step production-ready journey |
Mault: Create Test File (Testing Pyramid) |
Create test file with correct layer routing |
Mault: Generate Architecture Diagram (Pro) |
Visualize dependency graph |
Mault: Analyze dependency health |
Check for vulnerable packages |
Mault: Audit Configuration |
Validate mault.yaml |
Mault: Open AI Coder Guide |
Setup guide for AI assistants |
See CHANGELOG.md for detailed release notes.
Data & Privacy Disclosure
Mault performs core governance and integrity analysis locally within VS Code. Certain features, such as dependency health checks, may perform network requests to retrieve external metadata.
What connects to the internet:
- Authentication: Email/OAuth for account creation
- Payments: Processed securely via Stripe (we never store card details)
- Entitlement checks: Subscription validation
- Error reporting: Crash diagnostics, no code content
- Usage analytics: Feature metrics, opt-out via
mault.usage.enabled setting
AI-powered features (optional, user-invoked only):
- Code snippets may be processed to generate semantic embeddings
- Embeddings are stored for search functionality
- Raw code is not stored; embeddings cannot reconstruct source code
What we don't do:
- No user code is stored on external servers
- No data is used for AI model training
- No payment card details are stored by Mault (handled entirely by Stripe)
For full details, see our Privacy Policy.
Important Disclosures
- Backend Connection: This extension connects to Mault's backend service for authentication and Pro license management.
- Account Required: A Mault account is required to use this extension.
- Mault Core: All architectural detectors + basic runtime hooks are FREE forever. Advanced runtime hooks require Pro.
- Mault Pro: $99 activation + $7.99/month for automated governance, early access, and Production Readiness Kit.
- Links: Privacy Policy | Terms of Service | Billing
License
The Mault VS Code extension is licensed under the Apache License, Version 2.0.
Use of Mault's cloud services is governed separately by Mault's Terms of Service.
Legal & Support
