Skip to main content

vybdocs

The constraint engine and signed audit trail for AI-generated code.

As AI coding tools — Cursor, Claude Code, GitHub Copilot, Cline — become the primary way code gets written, a new problem emerges: your engineering standards live in no one's head. The AI doesn't know your stack decisions. It doesn't know you chose Zod over Yup, Postgres over MongoDB, or that eval() is banned. It writes code that compiles and runs, but drifts from your standards on every commit.

vybdocs fixes this. You declare your constraints once in .vyb/spec.yaml. Every AI-generated commit gets checked against them. Violations are blocked at PR time — across every AI tool, every developer, every IDE.

What vybdocs does

Constraint engine
Declare rules in .vyb/spec.yaml — forbidden patterns, required libraries, severity floorsUniversal enforcement
vyb check runs at PR time across Cursor, Claude Code, Copilot, and ClineSigned audit trail
Hash-chained, Ed25519-signed Evidence Pack produced on every check runCompliance mappings
Rules map directly to SOC 2, EU AI Act, HIPAA, and DORA controlsVertical packs
5 pre-built rule packs for regulated industries, ready to activate in one commandMCP server
Propose and commit new rules interactively from Claude Desktop

The core loop

Developer selects available packs or creates custom constraint packsvyb init --pack <name> · each pack enforces its own rule set at PR timeEU FINTECH PACKvyb init --pack eu-fintechAI writes codeCursor / Claude Codegit push · open PRPull Request opened$ vyb checkrules evaluated against diff◇ PASSEvidence PackgeneratedPR unblocked→ merge◆ BLOCKViolations listedPR blockedfix & re-push↺ loopMERGED ✓US HEALTHTECH PACKvyb init --pack us-healthtech-phiAI writes codeCopilot / Clinegit push · open PRPull Request opened$ vyb checkrules evaluated against diff◇ PASSEvidence PackgeneratedPR unblocked→ merge◆ BLOCKViolations listedPR blockedfix & re-push↺ loopMERGED ✓CUSTOM PACKvyb init --pack your-standardsAI writes codeAny AI coding toolgit push · open PRPull Request opened$ vyb checkrules evaluated against diff◇ PASSEvidence PackgeneratedPR unblocked→ merge◆ BLOCKViolations listedPR blockedfix & re-push↺ loopMERGED ✓

Architecture in 60 seconds

  1. .vyb/spec.yaml — your single source of truth. Defines rules, categories, severities, and compliance mappings.
  2. vyb check — the enforcement command. Scans your staged or committed diff against every rule in the spec. Runs in CI, pre-commit hooks, or locally.
  3. Evidence Pack — a PDF + JSON artifact produced on every successful vyb check. Hash-chained and signed with Ed25519. Maps each passed rule to a compliance control.
  4. Packs — pre-built bundles of rules for specific verticals (eu-fintech, us-healthtech-phi, etc.). Apply one command: vyb init --pack eu-fintech.
  5. Web UI — a local interface at localhost:7777 for editing your spec, viewing live rule traces, and chatting with the rule engine.

The one-way ratchet

Severity in vybdocs is a one-way ratchet. Once a rule is declared at severity block, LLMs cannot downgrade it to warn or info — not through the MCP server, not through the UI. This prevents AI tools from silently relaxing your compliance posture.

info  →  warn  →  block   ✓  (upgrade allowed)
block →  warn  →  info    ✗  (downgrade rejected)

Pricing

TierPriceMinimumLimits
OSSFree (MIT)All features, self-hosted
Pro$30 / dev / mo5 developersHosted Evidence Pack storage, SLA
Business$50 / dev / mo25 developersSSO, audit export, priority support

Key date: Aug 2, 2026

The EU AI Act enforcement window opens August 2, 2026. Any organization deploying AI-assisted software in regulated EU contexts will need an audit trail. vybdocs generates that trail automatically.

Ready to start? Go to Installation.