{"id":"sgroy10-speclock","name":"speclock","af_score":51.5,"security_score":57.0,"reliability_score":32.5,"what_it_does":"SpecLock is an AI constraint/policy enforcement system for coding agents. It defines text and typed constraints (locks), reviews intended changes (including diff-based review), blocks or warns on violations via a hard/enforcement mode, and provides auditing (HMAC chain) plus encryption and RBAC for enterprise use. It also exposes MCP tooling and a REST API for automated review/checking, with a Python SDK and ROS2 integration described.","best_when":"You run AI-assisted or autonomous code changes and need consistent cross-session enforcement of rules (especially for sensitive modules like auth/payments/data) with review and audit trails.","avoid_when":"You cannot integrate the enforcement layer into your agents’ toolchain, or you need a well-defined OpenAPI spec/SDK docs with concrete, verifiable error/rate-limit semantics.","last_evaluated":"2026-03-30T15:34:23.771815+00:00","has_mcp":true,"has_api":true,"auth_methods":["API key auth","RBAC roles (viewer/developer/architect/admin)"],"has_free_tier":true,"known_gotchas":["Enforcement mode (hard vs advisory) must be correctly enabled; otherwise the agent may only receive warnings.","Semantic classification and diff review may block even when intent seems safe; agents should be prepared to use override/approval flows.","Patch gateway review requires supplying accurate file lists and (for review-diff) diffs; missing/incorrect inputs may change verdict quality.","Audit chain/encryption/auth features imply configuration requirements (e.g., encryption key) that an agent setup step must handle."],"error_quality":0.0}