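Show HN: AgentLint v0.5 – 42 rules, stack-aware guardrails for AI agents
Follow-up to my post 3 days ago. AgentLint went from 10 rules to 42 across 7 packs.
The interesting technical bits since last time:
**Stack auto-detection**: AgentLint inspects project files (pyproject.toml, package.json, framework dependencies) and activates relevant rule packs. Python pack catches bare excepts, unsafe subprocess calls, SQL injection patterns. Frontend pack checks accessibility (alt text, form labels, heading hierarchy). React and SEO packs activate when their dependencies are present. No config needed; drop agentlint.yml if you want to override.
**All 17 hook events**: Claude Code exposes more lifecycle hooks than most people realize: PreToolUse, PostToolUse, Stop, UserPromptSubmit, SubagentStop, Notification, SessionEnd, and 10 others. AgentLint now handles all of them. The interesting one is UserPromptSubmit: you can validate what the user asks before the agent acts on it.
**File content caching for diffs**: PreToolUse caches the file's content before an Edit/Write. PostToolUse receives the "before" snapshot so diff-based rules work (e.g., detecting when error handling gets removed from a file).
**Binary resolution problem**: Claude Code runs hooks via /bin/sh with a minimal PATH. On macOS, pip installs console_scripts to /Library/Frameworks/Python.framework/Versions/3.13/bin/, which isn't on that PATH. shutil.which() fails. The fix was a 5-step probe chain: PATH → ~/.local/bin (pipx) → uv tools dir → sysconfig.get_path("scripts") → python -m fallback. The sysconfig call is the key: it returns exactly where pip put the binary. Also had to add __main__.py since the python -m fallback was broken without it.
**Quality pack (always-active)**: Validates commit messages against conventional commits format. Detects dead imports. Warns when try/except or .catch blocks get removed entirely (not refactored, removed). Injects a self-review prompt at session end. Tracks token budget across the session.
**741 tests, 96% coverage**: Still Python 3.11+, still no dependencies beyond click and pyyaml.
**The custom rules API hasn't changed**: subclass Rule, implement evaluate(), drop a .py file. But the engine now provides richer context: file diffs, prompt content, subagent output, notification metadata.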
[https://github.com/mauhpr/agentlint](https://github.com/mauhpr/agentlint)
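
The snapshot-then-diff flow described under file content caching and the quality pack, as an added example that is not AgentLint's own code or API. The function names, the on-disk cache layout and the heuristic (fewer `try` statements with an `except` clause in the file after the edit than before) are assumptions made for illustration.

```python
import ast
import hashlib
import tempfile
from pathlib import Path

def _slot(cache_dir, file_path):
    # Hash the path so any file name maps to a flat, safe cache entry.
    return Path(cache_dir) / hashlib.sha256(str(file_path).encode()).hexdigest()

def pre_tool_use(cache_dir, file_path):
    """Before an Edit/Write: snapshot current content ("" for a new file)."""
    src = Path(file_path)
    _slot(cache_dir, file_path).write_text(src.read_text() if src.exists() else "")

def count_handlers(source):
    """Count try statements that have an except clause; None if unparsable."""
    try:
        tree = ast.parse(source)
    except SyntaxError:
        return None
    return sum(isinstance(n, ast.Try) and bool(n.handlers) for n in ast.walk(tree))

def post_tool_use(cache_dir, file_path):
    """After the edit: return a warning if except-bearing try blocks were lost."""
    slot = _slot(cache_dir, file_path)
    if not slot.exists():
        return None  # no snapshot was taken, nothing to diff against
    before = count_handlers(slot.read_text())
    after = count_handlers(Path(file_path).read_text())
    slot.unlink()  # a snapshot is only valid for one edit
    if before is None or after is None or after >= before:
        return None  # unparsable, unchanged, or moved within the file
    return f"{before - after} try/except block(s) removed from {Path(file_path).name}"

def simulate_edit(before, after):
    """Run one pre/edit/post cycle in a temp dir (stands in for the agent)."""
    with tempfile.TemporaryDirectory() as tmp:
        target = Path(tmp) / "job.py"
        target.write_text(before)
        pre_tool_use(tmp, target)
        target.write_text(after)
        return post_tool_use(tmp, target)

# Constructed sample sources, not taken from any real project.
GUARDED = "def load(p):\n    try:\n        return open(p).read()\n    except OSError:\n        return None\n"
STRIPPED = "def load(p):\n    return open(p).read()\n"
MOVED = "def _read(p):\n    try:\n        return open(p).read()\n    except OSError:\n        return None\n\ndef load(p):\n    return _read(p)\n"
if __name__ == "__main__":
    print(simulate_edit(GUARDED, STRIPPED), simulate_edit(GUARDED, MOVED))
```

Counting at file level is what separates a removal from a refactor here: moving the handler into a helper in the same file keeps the count, so only the stripped edit produces a warning.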