verity-auto = verity-framework + a headless autonomy layer.
This repo is a fork of verity-framework (v0.2.2) that adds the ability for the Verity roles to run on their own — a headless worker picks up labeled work from GitHub, runs the same roles you'd invoke by hand, merges low-risk work under a deterministic trust ladder, and pauses at every human gate — all bot-attributed, comment-audited, and priced. Everything the original Verity does, it still does, unchanged.
If you've never used Verity, start with the public verity-framework package. This page is for people who already know verity-framework and want the delta — verity-auto itself is not currently distributed publicly.
| verity-framework | verity-auto | |
|---|---|---|
| How roles run | You invoke each /verity:* role by hand | Same roles, or a headless verity-worker runs them for you |
| Merge | A human merges every PR | Human merges, or a deterministic trust ladder auto-merges low-risk PRs |
| State | Derived from GitHub | Same — plus a GitHub label state machine + audit comments + a usage ledger |
| Cost | The AI assistant's normal usage | Same — plus a per-run ledger and daily budget caps for autonomous runs |
verity-worker --repo owner/name --once — the orchestrator: startup checks → scan for work → lock → run roles → gate/summarize. One tick per invocation, stateless between ticks.verity autonomy show | set | validate — read/edit/validate the effective policy.verity agent-exec <role> — the single place an AI assistant is invoked headlessly (Claude Code, with a per-role tool allowlist).verity usage [--days N] [--json] — rollups from the run ledger.verity install --actions — scaffolds a GitHub Actions workflow driver.verity install now also creates the eight verity:* labels (idempotently).verity:request → in-progress → awaiting-approval → approved → …) that holds all run state in GitHub, so the worker is stateless and crash-safe.commands/verity/<role>.tools.json) — deny-by-default.needs-human rule, and a verity:circuit-open kill switch./verity-autonomy-setup deployment interview that ship with the fork./verity:deploy-setup — a guided interview that builds your global ~/.verity/deployment-methods.md catalog (AWS / GCP / Azure / LAN / PaaS / SSH / Kubernetes…), so the Architect has real targets to choose from. (verity-framework had 13 roles; verity-auto adds this one → 14.)docs/dev/deploy-kit/ — the deployment interview.docs/dev/friction-kit/ — instrument and document a first run.QUICKSTART.md — a zero→running first-start guide./verity:* roles and the whole CLI surface from verity-framework.verity deployment …) — where your app ships.mode: manual is byte-identical to upstream. Autonomy ships off by default; with it off, every command behaves exactly as it did before. A snapshot regression test (T01) enforces this — existing users see zero behavior change.| Path | What |
|---|---|
.verity/autonomy.yml | Policy: mode, trust, gates, limits, humans, notify (schema: schemas/autonomy.schema.json) |
.verity/usage.csv | Append-only run ledger (one row per run; verity usage reads it) |
~/.verity/logs/<run-id>/<role>.jsonl | Per-role headless transcripts |
commands/verity/<role>.tools.json | Per-role tool allowlists |
.github/workflows/verity-worker.yml | The Actions driver (from verity install --actions) |
DEPLOYMENT.md | Optional deployment record written by the deploy interview |
ANTHROPIC_API_KEY — the headless agent's key (this is what spends money).humans: list.package.json (verity.claudeCodeMinVersion); verity agent-exec fails fast below it.(Driving the roles by hand needs none of these — they're upstream-unchanged.)
docs/dev/./verity:triage role (T16), a --watch daemon driver (T17), OpenCode driver parity in agent-exec (T18), and trust auto-demotion on rollback attribution (T19).verity-auto is a fork of verity-framework, which is itself a clean-room successor to spec-driven-devops 1.4. The original verity-framework remains the upstream and the public npm package; verity-auto carries the autonomy work on top of it.