A cross-repo hook enforcement tool composing safedep/gryph with four production Gate Checks. Universal binary — drop it in any repo: it enforces if repo-aware markers are present and passes through silently otherwise.
Released: 2026-04-15 (v0.6.0-openearth.1) · License: Apache-2.0
Source: codeberg.org/openearth/openearth-gryph (our composed binary) · depends on codeberg.org/openearth/gryph (our fork of safedep/gryph bundling 3 in-flight upstream PRs).
OpenEarth Gryph is a Go binary that hooks into Claude Code (and other AI coding agents) via the system's standard hook mechanism (settings.json). When Claude Code is about to execute a tool — Read, Write, Bash, etc. — the hook fires. Gryph receives the tool call details on stdin, evaluates them against a set of Checks, and either allows, blocks, or provides guidance.
Unlike a proxy, there's no network layer. Hooks are local shell commands. Zero latency, zero telemetry, no cloud dependency.
OpenEarth Gryph composes safedep/gryph's Check interface with four production enforcement rules, each mapping to a specific IAS gate:
Checks supply-chain.json before allowing code generation against an external component. Blocks if the component's assimilation level is 0 or the component isn't registered. Maps to IAS Gate 1.
Blocks standalone docker build -t invocations; forces docker compose build. Prevents image-naming mismatches between standalone and compose builds. Maps to IAS Gate 3.
Blocks curl -sf (which suppresses error bodies). Forces explicit curl -s -o file -w "%{http_code}" pattern. Prevents silent failures from masked HTTP errors. Maps to IAS Gate 4.
When a script file is written, checks for a companion .md documentation file. Emits guidance if missing. Maps to the CONDOC protocol.
One of the key design insights: Checks walk up from the working directory looking for IAS-root markers (config/supply-chain.json + STATEOFCLAUDE.md). If found, they enforce. If not, they pass through silently.
This means the same binary installed globally works everywhere: it's strict in IAS-governed repos, invisible elsewhere. Cleaner than maintaining per-repo configs.
OpenEarth Gryph is the Level 2 observer in the OpenEarth AI Bridge's two-level compliance architecture:
Correlation between the two layers is the basis for session certification. Gryph emits events in the foundation.protocols.ai.gryph.* family (15 event types, Apache-2.0).
Includes 14 Docker smoke cases covering every enforcement branch. Each case exercises a real Claude Code hook invocation with fabricated stdin and verifies the exit code + stderr. Runs in under 5 seconds on a warm container.
Reference implementation for the Docker end-to-end smoke testing pattern now adopted across all openearth/* projects.
92 Go unit tests cover Check logic at the function level. 9 tests cover FindIASRoot (repo-aware traversal).
# Clone and build
git clone https://codeberg.org/openearth/openearth-gryph.git
cd openearth-gryph
make build # → bin/openearth-gryph
# Install as Claude Code hook
openearth-gryph install --agent claude-code
# Run in any repo — enforces in IAS repos, silent elsewhere
claude # your normal workflow, now audited
OpenEarth Gryph builds on safedep/gryph (Apache-2.0). The base gryph provides:
Our contribution sits on top: the four production Checks, the IAS-root discovery, and the Docker smoke pattern. We've filed three upstream PRs to safedep/gryph: feat/claude-guidance-output (#35), feat/extension-point-check-factory (#36), and fix/xdg-override-and-configured-db-path (#37).
While those PRs are in review, we distribute a fork bundling all three at codeberg.org/openearth/gryph tagged v0.6.0-openearth.1. openearth-gryph's go.mod uses a replace directive pointing at this fork. When all three PRs merge upstream, we'll remove the replace directive and bump the github.com/safedep/gryph version.
foundation.protocols.ai.gryph.* events natively (15 views, SafeDep teal accent)
Copyright 2026 VakeWorks AB and the OpenEarth contributors. Licensed under Apache-2.0. Source on Codeberg.