Project Starfish Devlog GitHub

Devlog

Building a governance-first AI

A build journal: how Project Starfish went from a single decision (deny by default) to governing real agents.

Governing Claude Code itself

Deny-by-default as an overlay, and a lockdown the agent cannot switch off.

Going public: Apache-2.0, on npm and GitHub

Free for personal and commercial use, with the trademark as the moat.

No more 'my agent deleted my drive'

Governed, reversible deletion and a Custodian bound by hard rules.

Model-agnostic, and proving the work

The runtime spine, model independence, and the Evidence Gate: no unbacked word.

Burning the boat: from strangler to clean-room

We stopped salvaging the fork, rebuilt clean, and hardened the skin.

Toby and Hank: the only door in, and a watcher that cannot lie

Capability intake, runtime monitoring, and the portable overlay that became the product.

The governed core: a deny-by-default PDP, a hash-chained audit, and a boundary engine

Phases 0 through 4: the trusted base everything else stands on.

Why we are building Project Starfish

Everyone ships skills. Nobody ships governance.

Project Starfish · a governance-first, deny-by-default AI ecosystem · Apache-2.0. This devlog is a backdated build journal reconstructed from the project history.