Stats

Actions

Available In

Tags

dotforge

Behavior governance for Claude Code. Declare runtime policies on tool calls — "search before writing", "no destructive git", "verify before shipping" — and enforce them via compiled PreToolUse hooks that share a session-scoped state file. Escalates silently → nudge → warning → soft_block → hard_block.

behaviors/no-destructive-git/behavior.yaml # declarative policy ↓ (compile) .claude/hooks/generated/*.sh # runtime enforcement ↓ (observe) .forge/runtime/state.json # counters, flags, per-session

Other tools stop at configuration. dotforge governs behavior — and keeps auditing, syncing, and evolving your .claude/ setup across every repo you manage.

bootstrap → audit → sync → capture → propagate → behaviors ↑ │ └─────────────────────────────────────────────────┘

For people and teams managing more than one Claude Code project.

v4.0 — what's new (2026-06-03)

Audit two-dimension model + override loop retired (v4.0.x)

Override capture loop — shipped in v4.0.0, retired after validation. A portfolio scan found 0 overrides across all 12 projects in ~7 weeks (production included; only 4/12 adopted behaviors at all). The auditable override trail + capture loop (process-override-log.sh, overrides.log, SessionStart wiring) were removed as dead weight. The graduated escalation engine (soft_block) — which IS exercised; the happy path is "verify", not "override" — stays. See .claude/rules/domain/native-vs-dotforge-boundary.md.

scripts/migrate-v3-to-v4.sh — safe migration script with mandatory --dry-run, atomic backup, --rollback. See docs/v4/MIGRATION-V3-TO-V4.md.

Audit two-dimension model — Native Health (0-10: native Claude Code usage + security) + dotforge Adoption (0-4: informational, does not affect the score). Behaviors / workflows moved to the non-penalizing Adoption dimension — native-first projects no longer lose points for skipping dotforge machinery. New Native-Health items: auto-memory hygiene, permission cascade, attribution.

domain/workflow-economics.md (new domain rule) — documents v4 PoC cost-quality findings. Decision matrix: when workflow vs skill. Token economy principles. TL;DR: workflows are 4-25x more expensive than bash skills for recurring work — use only as on-demand escalation, not as default refactor.

workflows/watch.js ships as REFERENCE implementation, NOT promoted to /forge watch default. The bash skill remains the production tool.

What v4 is NOT

The original v4 thesis ("workflow-native everywhere") was REJECTED in Phase 0 PoC. 4 smoke tests measured workflows/watch.js at $5-25 per run vs $0.75-1.00 baseline. /forge sync-all, /forge audit, /forge update, /forge watch stay as bash skills. Full PoC findings in docs/v4/SPEC.md.

v3.13 — what's new (2026-06-03)

Workflow security boundary + ultracode runtime layer (v3.13.0)

English | Español

dotforge

behaviors/no-destructive-git/behavior.yaml  # declarative policy
  ↓ (compile)
.claude/hooks/generated/*.sh                # runtime enforcement
  ↓ (observe)
.forge/runtime/state.json                   # counters, flags, per-session

Other tools stop at configuration. dotforge governs behavior — and keeps auditing, syncing, and evolving your .claude/ setup across every repo you manage.

bootstrap → audit → sync → capture → propagate → behaviors
    ↑                                                 │
    └─────────────────────────────────────────────────┘

For people and teams managing more than one Claude Code project.

v4.0 — what's new (2026-06-03)

Audit two-dimension model + override loop retired (v4.0.x)

Override capture loop — shipped in v4.0.0, retired after validation. A portfolio scan found 0 overrides across all 12 projects in ~7 weeks (production included; only 4/12 adopted behaviors at all). The auditable override trail + capture loop (process-override-log.sh, overrides.log, SessionStart wiring) were removed as dead weight. The graduated escalation engine (soft_block) — which IS exercised; the happy path is "verify", not "override" — stays. See .claude/rules/domain/native-vs-dotforge-boundary.md.
scripts/migrate-v3-to-v4.sh — safe migration script with mandatory --dry-run, atomic backup, --rollback. See docs/v4/MIGRATION-V3-TO-V4.md.
Audit two-dimension model — Native Health (0-10: native Claude Code usage + security) + dotforge Adoption (0-4: informational, does not affect the score). Behaviors / workflows moved to the non-penalizing Adoption dimension — native-first projects no longer lose points for skipping dotforge machinery. New Native-Health items: auto-memory hygiene, permission cascade, attribution.
domain/workflow-economics.md (new domain rule) — documents v4 PoC cost-quality findings. Decision matrix: when workflow vs skill. Token economy principles. TL;DR: workflows are 4-25x more expensive than bash skills for recurring work — use only as on-demand escalation, not as default refactor.
workflows/watch.js ships as REFERENCE implementation, NOT promoted to /forge watch default. The bash skill remains the production tool.

dotforge

Popularity

What's Inside

Confidence

README

dotforge

v4.0 — what's new (2026-06-03)

Audit two-dimension model + override loop retired (v4.0.x)

What v4 is NOT

v3.13 — what's new (2026-06-03)

Workflow security boundary + ultracode runtime layer (v3.13.0)

Similar Plugins

creative-writing

context7-plugin

startup-business-analyst

octo

claude-buddy

dotnet-skills

dotforge

v4.0 — what's new (2026-06-03)

Audit two-dimension model + override loop retired (v4.0.x)

What v4 is NOT

v3.13 — what's new (2026-06-03)

Workflow security boundary + ultracode runtime layer (v3.13.0)

Popularity

Health & Quality

Similar Plugins

creative-writing

context7-plugin

startup-business-analyst

octo

claude-buddy

dotnet-skills