DevContract v1

Quality contracted in,
not audited after.

A DevContract defines what good looks like before an AI agent writes a line. Standards set. Scope bounded. Evidence required. The agent works inside the contract — not around it.

The Problem

AI development moves faster than review can follow.

Agentic development generates code, configuration, and infrastructure changes at a rate no traditional review process can match. The answer isn't to slow the agent — it's to define the contract the agent must satisfy before it starts.

Speed without structure fails

An agent that writes fast but commits secrets, skips tests, or misconfigures MCP servers doesn't accelerate delivery — it accelerates risk.


Post-audit is too late

Security review after the PR is too late. A DevContract is a pre-condition, not a post-check. The agent doesn't start without it.


Evidence, not assertions

A contract without evidence is a wish list. ticketyboo produces signed scan evidence that proves each clause was met — or flags which weren't.

The Pipeline

Scan → Gap → Contract → Evidence → Report

Five stages from raw repo to governed, evidence-backed development brief. Each stage builds on the last. Nothing moves forward without the previous stage passing.

01 — Scan

Deep scan

7 analysis layers: dependency, secret, SAST, IaC, license, quality, and agent security. Full file tree analysis via GitHub Trees API.

02 — Gap

Gap analysis

Findings mapped to DevContract clauses. Each finding either satisfies, violates, or is excepted against a named clause.

03 — Contract

Contract definition

devcontract.json committed to repo. Named clauses. Quality gates. Agent policy. Explicit exceptions with expiry dates and approvers.

04 — Evidence

Evidence generation

Scan results linked to contract clauses. Report JSON stored in S3 with scan ID. Traceable, reproducible, shareable.

05 — Report

Public report

Human-readable report at ticketyboo.dev/r/{scan-id}. Pass/fail per clause. Share with your team, your client, or your board.

Standard Clauses

What a DevContract enforces

DevContract v1 ships with a standard clause library. Every clause maps to a scanner layer finding, has a severity threshold, and references the standard it satisfies.

| Clause | Title | Category | Blocks at | Standard ref |
|---|---|---|---|---|
| DC-S01 | No committed secrets | security | critical | CWE-798 |
| DC-S02 | No .env files committed | security | high | CWE-312 |
| DC-A01 | No enableAllProjectMcpServers | agent_security | critical | CVE-2026-21852 / MCP03 |
| DC-A02 | alwaysAllow restricted to approved tools | agent_security | high | OWASP MCP03 |
| DC-A03 | Sensitive agent configs in .gitignore | agent_security | medium | OWASP MCP07 |
| DC-G01 | README present | governance | medium | |
| DC-G02 | CI pipeline present | governance | medium | |
| DC-G03 | Tests present | governance | medium | |
| DC-Q01 | Linting configuration present | quality | low | |
| DC-D01 | Dependency manifest present | dependency | medium | |

Full clause library and JSON Schema: devcontract-v1.schema.json

Agent Policy

MCP security baked into the contract.

DevContract v1 includes an agent_policy block. Explicit. Version-controlled. Auditable. No more security decisions implicit in someone's local IDE config.

❌ Without a contract

Implicit permissions

enableAllProjectMcpServers: true silently committed. alwaysAllow lists growing with every sprint. No record of who approved what or when. CVE-2026-21852 waiting to happen.

✓ With a DevContract

Explicit, expiring policy

Every approved tool listed. Justification required in writing. Exceptions expire and must be renewed. Scanner flags any config that drifts from the contract. Evidence of compliance at every scan.

✓ What you can specify

agent_policy fields

prohibit_enable_all_project_mcp_servers — enforce CVE-2026-21852 fix.
approved_always_allow_tools — explicit allowlist, requires justification.
require_gitignore_coverage — mandatory .gitignore entries.
allow_agent_configs_in_repo — opt-in or block entirely.

❌ What contracts prevent

Common failures we detect

Hardcoded API keys in MCP configs (CVE-2025-59536 class).
Internal IP addresses in server URLs.
Personal absolute paths committed to shared configs.
Steering docs containing sensitive internal context.

The Schema

A contract is a committed file.

devcontract.json lives in your repo root. It's version-controlled, reviewed in PRs, and referenced by every scan.

devcontract.json (commit this to your repo root; JSON allows no comments, so keep the file as shown):
{
  "version": "1",
  "project": {
    "name": "my-project",
    "repo": "https://github.com/my-org/my-project"
  },
  "gates": {
    "max_severity_allowed": "medium",
    "max_findings_by_severity": { "critical": 0, "high": 0 },
    "min_health_score": 75,
    "required_layers": ["secret", "agent_security", "sast"]
  },
  "agent_policy": {
    "prohibit_enable_all_project_mcp_servers": true,
    "approved_always_allow_tools": ["read_file", "list_files"],
    "approved_always_allow_justification": "Read-only only.",
    "require_gitignore_coverage": true
  },
  "clauses": [
    {
      "id": "DC-S01", "title": "No committed secrets",
      "category": "security", "severity_threshold": "critical",
      "requirement": "No credentials committed in any file."
    },
    {
      "id": "DC-A01", "title": "No enableAllProjectMcpServers",
      "category": "agent_security", "owasp_ref": "MCP03",
      "severity_threshold": "critical",
      "requirement": "enableAllProjectMcpServers must be absent or false."
    }
  ]
}
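As an added example (not ticketyboo's code), a small Python evaluator that applies the agent_policy fields listed above and the gates block from this devcontract.json to a constructed agent config and a constructed scan result, producing the satisfies/violates verdict per clause that the Gap stage describes. The scan result's field names (health_score, layers_run, findings) are assumptions, not the real report format.

```python
import json

# Excerpt of the page's devcontract.json: only the gates and agent_policy blocks.
CONTRACT = json.loads("""{
  "gates": {"max_findings_by_severity": {"critical": 0, "high": 0},
            "min_health_score": 75,
            "required_layers": ["secret", "agent_security", "sast"]},
  "agent_policy": {"prohibit_enable_all_project_mcp_servers": true,
                   "approved_always_allow_tools": ["read_file", "list_files"]}
}""")

# Constructed sample: a project-level agent config as it might get committed.
AGENT_CONFIG = {"enableAllProjectMcpServers": True,
                "alwaysAllow": ["read_file", "run_shell"]}

# Constructed sample scan output. The field names (health_score, layers_run,
# findings) are assumptions, not ticketyboo's real report format.
SCAN = {"health_score": 82,
        "layers_run": ["secret", "agent_security", "sast", "iac"],
        "findings": [{"layer": "secret", "severity": "high", "clause": "DC-S01"},
                     {"layer": "quality", "severity": "low", "clause": "DC-Q01"}]}

def check_agent_policy(policy: dict, config: dict) -> dict:
    """Evaluate an agent config against agent_policy; returns clause id -> verdict."""
    verdicts = {}
    if policy.get("prohibit_enable_all_project_mcp_servers"):
        # DC-A01: the flag must be absent or false.
        on = bool(config.get("enableAllProjectMcpServers", False))
        verdicts["DC-A01"] = "violates" if on else "satisfies"
    # DC-A02: every alwaysAllow entry must be in the approved allowlist.
    approved = set(policy.get("approved_always_allow_tools", []))
    unapproved = set(config.get("alwaysAllow", [])) - approved
    verdicts["DC-A02"] = "violates" if unapproved else "satisfies"
    return verdicts

def check_gates(gates: dict, scan: dict) -> list:
    """Apply the gates block to a scan result; returns a list of gate failures."""
    failures = []
    missing = set(gates.get("required_layers", [])) - set(scan["layers_run"])
    if missing:
        failures.append(f"required layers not run: {sorted(missing)}")
    counts = {}
    for finding in scan["findings"]:
        counts[finding["severity"]] = counts.get(finding["severity"], 0) + 1
    for sev, limit in gates.get("max_findings_by_severity", {}).items():
        if counts.get(sev, 0) > limit:
            failures.append(f"{counts[sev]} {sev} finding(s) exceed limit of {limit}")
    if scan["health_score"] < gates.get("min_health_score", 0):
        failures.append(f"health score {scan['health_score']} below minimum")
    return failures
```

With the constructed inputs, DC-A01 and DC-A02 both come back as violations and the single high finding trips the max_findings_by_severity gate even though the health score clears 75.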

Start with a scan.
Build the contract from the evidence.