VIBESPRINT - AI Governance for VS Code

VIBESPRINT enables safe adoption of AI-assisted coding for development teams. It acts as a governance layer that ensures AI can assist with code implementation while preventing uncontrolled structural, functional, security, and cost-related risks.

🚀 Key Features

🎯 Intent-Based AI Control

• Explicit Intent Declaration: Every AI interaction requires declaring intent (BUG_FIX, FEATURE, REFACTOR, TEST, DOCUMENTATION)
• Scope Enforcement: AI changes limited to declared scope (SINGLE_FUNCTION, SINGLE_FILE)
• Guardrail Protection: Prevents unauthorized structural changes and maintains code integrity

🛡️ Security & Compliance

• Vulnerability Scanning: Detects common security issues in AI-generated code
• Audit Trail: Complete logging of all AI interactions in append-only format
• Local Operation: All data stays within your repository - no external dependencies

👥 Team Transparency

• Role-Based Views: Different interfaces for Developers, Scrum Masters, and Product Owners
• Daily Summaries: Automated reports for standup meetings and team visibility
• Agile Traceability: Link AI changes to sprints, stories, and tasks

💰 Cost Management

• Usage Tracking: Monitor token consumption and costs across your team
• Provider Flexibility: Support for OpenRouter, OpenAI, Anthropic, and other providers
• Budget Visibility: Clear cost breakdowns by user, intent, and time period

🎨 Visual Code Distinction

• AI Code Highlighting: Visually distinguish AI-generated code from human-written code
• Authorship Tracking: Track and display code authorship over time
• Editor Integration: Seamless integration with VS Code's syntax highlighting

📦 Installation

1. Install from VS Code Marketplace

   • Open VS Code
   • Go to Extensions (Ctrl+Shift+X / Cmd+Shift+X)
   • Search for "VIBESPRINT"
   • Click "Install"

2. Initialize Your Project

   • Open Command Palette (Ctrl+Shift+P / Cmd+Shift+P)
   • Run: VIBESPRINT: Initialize Project
   • Configure your AI provider credentials

3. Start Using AI Safely

   • Use VIBESPRINT: Request AI Change to begin AI-assisted development
   • Review and apply changes through the diff interface
   • Monitor activity through the sidebar panels

🔧 Quick Setup

1. Configure AI Provider

# Set environment variable (recommended)
export OPENROUTER_API_KEY="your-api-key-here"

2. Basic Configuration

# .vibesprint/vibesprint.yaml
version: "1.0"
mode: "OBSERVE"  # Start with learning mode

guardrails:
  structure:
    allowNewFiles: false
    allowFileRename: false
  security:
    blockCritical: true
    warnOnHigh: true

ai:
  providers:
    - name: "openrouter"
      apiKey: "${OPENROUTER_API_KEY}"
      models:
        - name: "anthropic/claude-3-sonnet"

🎮 Usage

Making AI Requests

1. Position cursor in the function/file you want to modify
2. Run command: VIBESPRINT: Request AI Change (Ctrl+Shift+A / Cmd+Shift+A)
3. Select intent: Choose BUG_FIX, FEATURE, REFACTOR, TEST, or DOCUMENTATION
4. Select scope: Choose SINGLE_FUNCTION or SINGLE_FILE
5. Enter prompt: Describe what you want the AI to do
6. Review diff: Examine proposed changes carefully
7. Apply or reject: Accept changes or try a different approach

Understanding Guardrails

• Structure Protection: Prevents AI from creating/moving files or changing project structure
• Function Boundaries: Blocks changes to function signatures while allowing body modifications
• Security Scanning: Detects vulnerabilities like hardcoded secrets, SQL injection, etc.
• Diff Enforcement: Ensures all AI output is reviewable unified diffs

Team Collaboration

• Daily Summaries: Automatic reports in .vibesprint/daily/ for standup meetings
• Activity Logs: Complete audit trail in .vibesprint/activity.log.yaml
• Usage Tracking: Cost and token consumption in .vibesprint/usage.log.yaml

📊 For Different Roles

👨‍💻 Developers

• Safe AI assistance with clear boundaries
• Visual distinction of AI-generated code
• Rollback support with learning feedback
• Integration with existing development workflow

🏃‍♂️ Scrum Masters

• Daily activity summaries for standups
• Violation tracking and team guidance
• Sprint planning with AI impact assessment
• Team adoption and training oversight

👔 Product Owners

• Cost tracking and ROI analysis
• Velocity impact measurements
• Budget planning and optimization
• Business value reporting

🔒 Security & Privacy

• Local-Only Operation: All governance happens locally within your repository
• No Code Upload: Source code never leaves your environment without explicit AI requests
• Audit Trail: Complete logging with tamper detection
• Configurable Scanning: Customizable security vulnerability detection

🌟 Why VIBESPRINT?

Before VIBESPRINT

• ❌ Uncontrolled AI changes to codebase
• ❌ No visibility into AI usage costs
• ❌ Security vulnerabilities in AI code
• ❌ No audit trail for compliance
• ❌ Team confusion about AI-generated code

After VIBESPRINT

• ✅ Controlled, governed AI assistance
• ✅ Complete cost and usage visibility
• ✅ Automatic security vulnerability detection
• ✅ Full audit trail and compliance
• ✅ Clear visual distinction of AI code
• ✅ Team transparency and collaboration

📚 Documentation

• Installation & Setup Guide
• User Manual
• Developer Guide
• Scrum Master Guide
• Product Owner Guide
• Troubleshooting & FAQ

🤝 Support

• GitHub Issues: Report bugs and request features
• Documentation: Comprehensive guides for all user roles
• Community: Join discussions and share experiences

📄 License

MIT License - see LICENSE file for details.

🏷️ Version History

1.0.0 (Latest)

• Initial release with full governance features
• Support for OpenRouter, OpenAI, and Anthropic
• Complete audit trail and reporting
• Role-based visibility and controls
• Security vulnerability scanning
• Visual code distinction
• Comprehensive documentation

Transform your team's AI-assisted development with VIBESPRINT - Safe, Transparent, Governed.