THE PROCESS LAYER OF AI-DRIVEN DEV
Silver Bullet is the orchestration layer that runs inside your Claude Code, Codex, or Cursor session. It composes the right workflow for the task, blocks unsafe commits, PRs, and releases until the evidence is real, and stays out of the way for the work that should be fast.
You did not adopt an AI coding agent to ship inconsistent work. You adopted it to ship faster. But every team using agents at scale runs into the same walls — and those walls are not in the model. They are in the process around the model.
You gave it a task. It started coding. No spec, no accepted assumptions, no coverage check. The path of least resistance is always to start changing code — so that is what the agent does, even when a spec would have caught the wrong assumption in 90 seconds.
The accepted criteria live in one document. The plan lives in another. The PR description was written from memory. Reviewers cannot tell which criteria were actually delivered — and the next person to touch the code has no idea what the original intent was.
The agent commits and opens a PR. No fresh tests since the last source change. No code review. No UAT evidence. No docs update. No release-readiness check. The PR is open and labeled ready, but the evidence is not in the record.
As the context window fills, the agent’s outputs degrade. The early part of the conversation is forgotten. Instructions given two hours ago stop being followed. The best workflows in the world mean nothing if the agent is operating on a rotting context.
Infrastructure edits are treated like any other commit. There is no map of what depends on this resource, what fails if it fails, or what the rollback plan looks like. One Terraform change becomes a four-hour outage because nobody asked the questions before the merge.
Every session starts cold. The agent re-reads files it has already read. It re-discovers decisions already made. It re-fixes bugs already fixed. Context Mode and RTK exist for a reason — but most teams wire them in inconsistently or not at all.
What did we agree last sprint? Why did we pick Postgres over DynamoDB? Where is the ADR for this? The answers exist somewhere in conversation history that nobody can find. The next session starts blind.
Shell injection, markdown injection, hardcoded secrets, prompt injection in ingested artifacts — the agent does not check before it writes. Security gets bolted on in a follow-up PR that costs five times more than catching it at the source.
Deferred work gets mentioned in passing and never tracked. “Let’s come back to that” means never. The agent finishes a feature and immediately starts another, leaving a graveyard of half-promised improvements scattered across the repo.
Rework, incidents, and top-tier token burn compound — cheaper models without gates do not save money if they ship defects.
Engineers re-litigate requirements, re-run tests, and re-review PRs agents already declared “done.”
Competitors orchestrate; teams on vibes accumulate security and traceability debt that compounds every sprint.
Review fatigue and mistrust of agent output erode the AI investment story with leadership — even when individual PRs look fine.
It does not have to be ceremony for every typo — but high-risk work needs a system that pushes back.
Process debt in an AI-driven codebase compounds differently than in a human-driven one. The agent does not ask for clarification. It does not push back on an ambiguous spec. It just produces output that looks complete.
When reviewers stop trusting agent PRs — or leadership stops trusting the team’s AI velocity numbers — the cost is not a line item. It is the story you have to rebuild before the next budget conversation.
Imagine the agent you wish you had. Not a smarter model — the same model, working inside a process that actually pushes back.
You open Monday’s PR queue and every merge request links to accepted spec criteria — not a vague agent summary. Your team routes typos through a fast path and features through spec, review, and fresh tests without you re-explaining the rules each session. Leadership sees audit trails and gate evidence, while you keep using the models and hosts you already chose — including models that cost a fraction of frontier tiers.
You ask the agent for a feature. It asks you which spec it should follow. It writes the spec coverage check before it writes any code. It commits in checkpoints. It opens a PR with a traceability block that links every line back to an accepted criterion. CI fails — it fixes CI. A review round flags a finding — it triages the finding and re-issues clean. The stop hook blocks it from declaring done until the evidence is in the record. You review the PR once and merge. The release gets shipped.
That is not a dream. That is what Silver Bullet’s two-tier discipline and twelve hook layers are designed to produce. The agent reasons. The environment decides whether unsafe actions proceed.
You get the speed of agentic execution with the rigor of an engineering organization. Small edits stay trivial. Big edits get the full chain. Every delivery boundary has evidence behind it or the boundary refuses to move.
If you have watched an agent skip the review skill the moment context compacts — or open a PR because it can, not because the evidence is there — you already know why we built this. Execution engines and review skills exist. Agents still bypass them when pressure rises.
Silver Bullet is hook-enforced orchestration across Claude Code, Codex, and Cursor — dogfooded daily in this alpha OSS repo. We did not build it to be smarter than the models. We built mechanical gates plus code-intelligence retrieval, not another prompt template, because no model can be trusted with delivery on its own.
The catalog is open. The plugin is free forever — no strings attached, no telemetry. The agent stays yours. Silver Bullet is the layer in between that makes the layer above it trustworthy.
The mechanism is not a better prompt. It is a catalog of 27 atomic flows composed into 22 task-shaped workflows, executed by your agent, with twelve hook layers that physically block unsafe progress. The model can reason. Only the environment can decide.
/silver classifies the task and composes the chain it needs. Feature, bugfix, UI, DevOps, deploy, canary, refactor, test, worktree, content, benchmark, incident, retro, release, research, spec, ingest, validate, docs, tracking — and the fast path. Each route is pre-composed. The agent does not improvise the process.
Intermediate commits require only the planning floor (default: silver:quality-gates). Final delivery — gh pr create, gh release create, deploy — requires the full deploy skill list and V-loop evidence at every flow step. Agents can move fast in the middle. They cannot ship unverified at the edges.
SessionStart state reset, PreToolUse/Bash planning gate, completion audit, roadmap freshness, CI status, spec floor, planning-file guard, PostToolUse skill recording, prompt reminder, stop hook, completion audit at commit/PR, branch-finish readiness — all enforcing, none decorative.
Every flow step emits a finding row with BLOCK / WARN / INFO severity. validate-evidence-findings runs at PR/release. Findings that are not closed cannot ship. The schema is the contract; the validator is the gatekeeper.
Session-start captures spec version and JIRA ID. PR descriptions append a traceability block. Roadmap freshness is checked at commit time. Deferred validation warnings surface before release. The audit trail survives long sessions and context compaction.
Graphify + agentmemory wire a knowledge graph of accepted decisions, ADRs, and durable learnings. RTK + Context Mode compress tokens and index large files. The next session starts where the last one left off — not from zero.
Catalog authority: docs/apo-catalog.json. The catalog is the contract; the workflows and atomic flows are the implementation.
Every workflow is built from the same atomic flow library. Reusable, testable, contractually defined.
ROUTE — task classificationBOOTSTRAP — project initSPECIFY — requirements + ingestionPLAN — phase coverageEXECUTE — checkpointed implementationVERIFY + SECURE + REVIEWSHIP + RELEASE + DOCUMENTPre-composed sequences for every common delivery shape. You pick the task. The router picks the chain.
/silver:feature — governed build/silver:bugfix — debug → ship/silver:ui — design + UI gates/silver:devops — blast radius first/silver:deploy · /silver:canary/silver:release · /silver:incident/silver:retro · /silver:fastEach flow step has a local V-loop with subagent dispatch and opted-in tool governance. Evidence is produced where the work is produced.
Host hooks block unsafe progress; workflow state records what actually ran; Graphify, agentmemory, RTK, and Context Mode keep cheaper models oriented in large repos. The thesis is not “use a worse model.” It is: enforced process plus retrieval so you are not paying frontier API prices for every planning pass, re-read, and gate check.
Process gates stop unsafe delivery. Code intelligence stops context rot and knowledge blindness — the daily IC pain of re-reading the same files and re-discovering decisions every session.
Builds a persistent knowledge graph of your codebase — symbols, dependencies, and inferred relationships. Query before you grep: scoped subgraphs, path between symbols, and concept explainers that surface cross-file edges cheap models miss.
Captures accepted decisions, ADRs, and durable learnings across sessions. When the conversation compacts, the graph does not. The next agent turn starts with what the team already agreed — not a blank slate.
Token compression for files the agent has already ingested. Stops paying to re-send solved context on every turn. Wired as an opt-in recommended tool with hook reminders when compression would reclaim budget.
Indexes large files and monorepo subtrees so the agent retrieves slices instead of stuffing whole trees into the window. Pairs with Graphify retrieval for orientation without frontier-model context limits.
Silver Bullet ships with a diagnostic probe that reports what enforcement tier your host actually supports. No marketing claims. The numbers come from the hooks on your machine.
SessionStart, PreToolUse (Bash, Edit, Skill, MultiEdit), PostToolUse, Stop, UserPromptSubmit. The full enforcement surface is observable and auditable.
Every reusable primitive, contractually defined in docs/apo-catalog.json and kept in sync with generated views.
Each one routes by task signal. Each one ends with explicit ship evidence. The router does not improvise.
Local V-loops with subagent dispatch and tool governance. Evidence is produced where work is produced.
The catalog reports capability tier per host. Claude Code, Codex, and Cursor each reach their documented ceiling — no marketing-tier claims.
No credit card. No telemetry. No vendor lock-in. Open catalog, hook-enforced gates — install once and keep your agent.
Silver Bullet enforces process at the agent boundary — it does not replace production observability, load testing, or continuous security scanning. Those remain documented roadmap gaps. SB is designed to reduce skipped gates and traceability drift before code leaves the session; outcome validation in production remains your responsibility.
Core software-engineering workflows run through Silver Bullet skills. Optional DevOps and provider plugins remain extension points for specialized domains — not replacements for the process.
silver:context and silver:plan for project framingsilver:execute for checkpointed or autonomous executionsilver:verify, silver:review, and silver:ship/silver:completion-audit before delivery/silver:branch-finish for branch readinesssilver:test for tests, E2E, repair, performance, mutationsilver:deploy and silver:canary runtime evidencesilver:incident and silver:retro learning loopssilver:domain-audit for specialized packssilver:content for docs, search, migration, articlessilver:refactor for behavior-preserving changesilver:benchmark for repeatable agent or approach evals.planning/interface/STATE.md.silver:ui-contract stamps interface STATE on initSilver Bullet integrates Graphify (knowledge graphs), agentmemory (durable cross-session memory), RTK (Rust Token Killer for shell/dev commands), and Context Mode (large-file indexing + query). The same hooks that enforce process also enforce the use of these tools — so the next session picks up where the last one left off without paying the rediscovery tax.
For the devops-cycle workflow, Silver Bullet integrates best-in-class DevOps plugins as optional contextual enrichments. A smart skill router maps your IaC toolchain and cloud provider to the best available skill — with automatic fallback chains.
If you have used other agent plugins, you have been disappointed before. Here are the honest answers to the honest questions.
silver:fast. The fast path escalates to feature composition only when scope actually expands./silver:process-maintenance is the explicit lane for phase, thread, backlog, and migration work that does not fit a delivery shape.Silver Bullet pushes back. If you want a permissive agent with no gates, the plugin will feel like friction. That friction is the product.
Silver Bullet uses an evidence schema with BLOCK / WARN / INFO, not a 0–100 score. We do not collapse severity into a single number that erases meaning.
Model routing is host-owned. Silver Bullet orchestrates the workflow around the model your host already runs — we do not own the model decision.
Silver Bullet is the APO layer. It assumes you have an existing agent and want to put a process around it. If you only need inline code completion, this is overkill.
Silver Bullet matches the capability families quality-layer tools advertise — domain audits, test depth, deploy/canary, backlog, session recovery — but routes them through hook-enforced workflows with artifacts and gates instead of per-concern commands or numeric grades.
| Concern | Typical quality-layer plugins | Silver Bullet (v0.51.0) |
|---|---|---|
| Workflow entry | Session-start auto-routing; large skill menus | Explicit /silver router; 22 pre-composed workflow routes plus 36 marketplace command stubs behind one entry point |
| Enforcement | Mostly instruction-following; refusal when agents cooperate | Twelve hook layers: completion audit, stop hook, planning guards, CI/test freshness |
| Quality findings | Tiered numeric scores and grade bands | Shared docs/evidence-schema.md with BLOCK/WARN/INFO; delivery gate via validate-evidence-findings |
| Domain audits | Many named audit/fix commands | /silver:domain-audit pack matrix inside existing workflows |
| Backlog & deferred work | Tech-debt lists in reviews | /silver:add with fingerprint, dedup, and prioritization scripts |
| Hosts | Multi-host marketing with uneven enforcement proof | Claude Code, Codex, and Cursor with documented capability tiers 0–3 and sb-diagnostics |
| Release path | Ship/deploy/canary as separate commands | Milestone audit, UAT, docs gates, /silver:ship, /silver:create-release |
100% free forever. No credit card. No telemetry. No vendor lock-in. The plugin is yours; the hooks are yours; the agent stays yours.
After running /silver:init, hooks are active and the workflow is live. Use /silver <anything> when you want SB to classify the task and compose the right chain. For app projects, SB runs the core lifecycle directly. For DevOps projects, blast radius assessment and IaC-adapted quality gates are composed in automatically. Missing required SB gates fail closed with install-and-retry guidance.
The authoritative source of truth is docs/apo-catalog.json. Generated views stay in sync via CI. Every workflow is composed from the same atomic flow library.
27 atomic flows · 22 workflows · 85 flow-step V-loops with subagent dispatch and tool governance
| Workflow | Entry signals | Key steps |
|---|---|---|
| /silver | "/silver", "route" | ROUTE → (composes feature or fast) |
| /silver:feature | "feature", "implement", "build feature" | BOOTSTRAP → ORIENT → CLARIFY → DECIDE → SPECIFY → QUALITY_GATE → PLAN → EXECUTE → REVIEW_REQUEST → REVIEW → REVIEW_TRIAGE → VERIFY → SECURE → QUALITY_GATE → BRANCH_FINISH → COMPLETION_AUDIT → SHIP |
| /silver:ui | "ui", "frontend" | BOOTSTRAP → ORIENT → CLARIFY → SPECIFY → QUALITY_GATE → PLAN → DESIGN_CONTRACT → EXECUTE → UI_QUALITY → REVIEW → VERIFY → SECURE → BRANCH_FINISH → COMPLETION_AUDIT → SHIP |
| /silver:bugfix | "bug", "fix", "debug" | ORIENT → DEBUG → PLAN → EXECUTE → REVIEW_REQUEST → REVIEW → REVIEW_TRIAGE → VERIFY → SECURE → BRANCH_FINISH → COMPLETION_AUDIT → SHIP |
| /silver:deep-research | "research", "decide", "compare" | CLARIFY → DECIDE → DOCUMENT → VALIDATE |
| /silver:clarify | "idea", "fuzzy requirement", "scope" | CLARIFY → context/plan handoff |
| /silver:spec | "spec", "acceptance criteria", "user stories" | SPECIFY |
| /silver:ingest | "JIRA", "Figma", "external artifact" | SPECIFY (ingest sub-step) |
| /silver:validate | "validate", "gap analysis" | VALIDATE |
| /silver:devops | "devops", "infra", "iac" | BLAST_RADIUS → DEVOPS_ROUTE → QUALITY_GATE → SECURE → ORIENT → PLAN → VALIDATE → EXECUTE → REVIEW → VERIFY → BRANCH_FINISH → COMPLETION_AUDIT → SHIP |
| /silver:deploy | "deploy", "roll out" | BLAST_RADIUS → VERIFY → SECURE → SHIP |
| /silver:canary | "canary", "progressive rollout" | BLAST_RADIUS → VERIFY → SHIP |
| /silver:release | "release", "version", "tag" | QUALITY_GATE → REVIEW → VERIFY → SECURE → BRANCH_FINISH → COMPLETION_AUDIT → SHIP → RELEASE |
| /silver:fast | "fast", "small change", "typo" | FAST_PATH → QUALITY_GATE → PLAN → VALIDATE → EXECUTE → VERIFY |
| /silver:test | "test", "test hardening", "coverage" | PLAN → EXECUTE → VERIFY |
| /silver:refactor | "refactor", "behavior-preserving" | PLAN → EXECUTE → VERIFY → post-exec gates |
| /silver:benchmark | "benchmark", "eval", "compare models" | ORIENT → EXECUTE → VERIFY → DOCUMENT |
| /silver:content | "content", "docs", "article" | CLARIFY → SPECIFY → EXECUTE → VERIFY → DOCUMENT |
| /silver:incident | "incident", "outage", "p1" | BLAST_RADIUS → DEBUG → SECURE → VERIFY → DOCUMENT |
| /silver:retro | "retro", "postmortem" | ORIENT → DOCUMENT → DECIDE |
| /silver:forensics | "forensics", "deep-dive" | DEBUG → DOCUMENT → VALIDATE |
| /silver:process-maintenance | "phase", "thread", "backlog", "migration" | PHASE_MANAGE → DOCUMENT → VALIDATE |
| Reusable Workflow Components (Composed Internally) | ||
| post-exec-gates | After EXECUTE — used by feature, ui, bugfix, refactor | UI_QUALITY → REVIEW_REQUEST → REVIEW → REVIEW_TRIAGE → VERIFY (verify-tests) → SECURE → VALIDATE as needed → QUALITY_GATE → BRANCH_FINISH → COMPLETION_AUDIT → SHIP |
| review-triad | REVIEW phase — composed inside most delivery flows | REVIEW_REQUEST → REVIEW → REVIEW_TRIAGE |
| ship-readiness | Pre-ship branch completion | BRANCH_FINISH → COMPLETION_AUDIT → SHIP |
| validate-substep | Spec-to-plan gap analysis | VALIDATE |
| Slug | Role |
|---|---|
ROUTE | intent classification and workflow composition |
BOOTSTRAP | project bootstrap and enforcement activation |
ORIENT | codebase and planning context orientation |
CLARIFY | scope clarification and assumption lock |
DECIDE | decision research and trade-off synthesis |
SPECIFY | requirements specification and ingestion |
PLAN | execution planning with phase coverage |
DESIGN_CONTRACT | design contract and interface expectations |
VALIDATE | spec-to-plan gap validation |
QUALITY_GATE | cross-cutting quality dimensions (pre-plan and pre-ship) |
FAST_PATH | bounded fast path for low-risk edits |
EXECUTE | checkpointed implementation execution |
DEBUG | failure diagnosis and root-cause analysis |
UI_QUALITY | UI quality, accessibility, and design review |
VERIFY | verification, testing, and evidence freshness |
SECURE | security and LLM safety review |
REVIEW_REQUEST | structured review request and scope framing |
REVIEW | artifact and code review with evidence |
REVIEW_TRIAGE | finding triage, fix ladder, and clean-pass tracking |
BLAST_RADIUS | blast-radius assessment for infra changes |
DEVOPS_ROUTE | IaC toolchain and provider routing |
BRANCH_FINISH | branch hygiene before ship |
COMPLETION_AUDIT | completion evidence before delivery |
SHIP | ship readiness and promotion evidence |
RELEASE | versioned release and changelog publication |
DOCUMENT | durable documentation and release notes |
PHASE_MANAGE | phase and workflow state management |
Install Silver Bullet once. The hooks activate on every commit, PR, and release. The agent keeps its autonomy where autonomy is safe. The environment decides when it is not.
Install Silver Bullet ↓Free forever. No credit card. No telemetry. Cancel anytime (it is a plugin).
Most teams have Silver Bullet blocking their first unsafe PR within the first session. Here is the typical onboarding arc.
Install the plugin, run sb-bootstrap.sh and sb-diagnostics.sh. SB reports your host’s enforcement tier and which hooks are active. /silver:init stamps your project.
Type /silver build a rate limiter for the auth service. SB classifies the task, composes the workflow, and starts the chain. The agent reasons; the hooks enforce.
The agent tries to commit or open a PR before review. The completion audit hook refuses it and surfaces the missing required step. The team learns what the gate is — not by reading docs, by running into it.
From that point forward, every delivery boundary enforces what the agent claimed. The audit trail starts. The backlog gains a tracker. The session stops losing context.
“There is no single development, in either technology or management technique, which by itself promises even one order-of-magnitude improvement in productivity, in reliability, in simplicity.”
— Fred Brooks, No Silver Bullet (1986) · Turing Award, 1999
In 1986, Brooks argued no single development would deliver an order-of-magnitude improvement in software engineering. He was right for thirty-eight years. Models got smarter. The gap between work started and work correctly delivered did not move.
What changed is the unit of work. An AI agent is not a faster developer. It is a different operator — one that does not pause when the spec is ambiguous, does not push back when the gate is missing, does not re-read the diff. It ships whatever looks like completion.
The remedy is not a better prompt. It is the process layer — the part the model was never going to build for itself.
Silver Bullet is that process layer.
Twelve hook layers. Twenty-two workflows. A spec-to-release trace, blast-radius gate, and an evidence schema the agent cannot forge. None of this makes the model smarter. It changes the boundary between “the agent produced this” and “this has been verified” — the silver bullet Brooks said did not exist. It exists now. It is free forever — no strings attached. You can install it before lunch.