Open source · Plumbline

Catch AI failures before they reach production.

Plumbline is an open-source analyzer for LLM and agentic code. It finds the defects that make agents fall over — unbounded loops, missing fallbacks, unsafe tool calls — before a single line ships. Trust starts before production.

Open source · Apache-2.0 Reliability & security rules No telemetry SARIF · CI-native
$ pip install actaclad-plumbline
$ plumb scan ./agent

PLB-RES-001 · High · agent/loop.py:42
Agent loop has no iteration cap — runaway risk.

PLB-RES-002 · High · agent/llm.py:18
No fallback when the model provider returns 429.

PLB-SEC-003 · Medium · tools/exec.py:7
Untrusted input reaches a tool-enabled prompt.

3 findings · 0 false positives · 1.2s
Not a style linter

A reliability analyzer that reasons about what your code actually does.

Plumbline uses taint and dataflow analysis to reason about real properties of LLM and agentic code — not formatting, not naming. The defects that break agents in production are structural, and they're written long before deployment.

Deterministic

Same code, same findings, every run. No flakiness, no model calls, no surprises — safe to gate a build on.

Private by default

No network calls. No telemetry. Nothing leaves your machine. Plumbline runs fully offline.

Standards-native

Emits SARIF for GitHub code scanning and your IDE, JSON for tooling, and ships a pre-commit hook.

What it catches

The defects that don't show up until an agent is live.

The bugs that survive testing and surface only under real traffic — the ones a code review misses because they're about behaviour, not syntax.

PLB-RES
Unbounded agent loops

An agent that can loop without an iteration cap — a runaway cost and latency risk.

PLB-RES
Missing fallbacks

No handling when the model provider rate-limits or fails — the agent stalls in production.

PLB-SEC
Unsafe tool calls

Untrusted input reaching a tool-enabled prompt — the setup behind prompt-injection incidents.

PLB-ARC
Silent model swaps

A model quietly changed with no guardrail — behaviour drifts and nobody notices.

Where it runs

A quality gate for AI code, in the pipeline you already run.

Plumbline lives on the left of the lifecycle — design-time. AgentGuard picks it up on the right — runtime. Together they cover the whole path.

01
IDE

Run plumb scan locally before you commit.

02
Pre-commit

The ships-with hook scans every change automatically.

03
CI/CD

A quality gate the build can fail on — deterministic, so it's fair.

04
Code scanning

SARIF findings surface right in GitHub, next to your other checks.

Plumbline guards the code before it gets there. AgentGuard guards it once it's live.

Open by design

Read the rules. Run the scan. Trust nothing you can't inspect.

Plumbline is Apache-2.0 and public — because you shouldn't have to trust a black box to tell you your AI is sound. Install it in a minute; gate your next build on it.

pip install actaclad-plumbline · plumb scan

ACTACLAD · The craft of intelligence