▌ git-native · local-first · zero telemetry

Ship the code.
Keep your thoughts yours.

AI coding agents leave behind prompts, tool calls, and session notes that can expose more than the final diff. hookshield keeps that trail local so you can review it before it becomes project history.

Your working thoughts stay on your machine unless you choose to share them.

status: coming soon, currently testing and looking for contributors

~/your-repo · session 0xA1 local only

            prompt
            refactor the auth middleware
            
            prompt
            check whether this async path is needed
            
            prompt
            compare mutex vs channel approach
            
            tool
            edited auth/middleware.go (+42 −18)
            
            prompt
            investigate old auth edge case
            
            note
            deferred: rewrite with channels
            
            prompt
            final: add rate limit, 100 req/min

3 shared · 4 kept private ↑ review before sharing

▌ the rebellion, audited

They called logging everything "the rebellion."
It's a logger.

entire.io says it captures every agent session, prompt, and tool call and stores them with your commits — by design, by default. That's a real feature. It is also a durable record of how you think once it is pushed with repo history. hookshield starts from the opposite default: local evidence first, sharing only when you choose.

entire.io

★ hookshield

Default

Captures agent sessions with commits

Records locally, shares only by choice

Your prompts

"Every session, prompt, and tool call"

Stays on your machine

Your dead-ends

Versioned repo context

Private by default

Control

Capture first, redact secrets

Review before anything leaves

The pitch

"Join the rebellion"

Keep your mind yours

▌ how it works

A shield between your agent and your history.

hookshield runs your agent command through a local wrapper, watches for risky session artifacts, and gives you a review point before that context becomes project history.

01 — WRAP THE RUN

One command, any repo.

Initialize a local policy, then run your agent command through hookshield. It works with git-based repos and the agents you already run.

Claude CodeCodexCursor+ any

02 — PRIVATE BY DEFAULT

Captured locally. Held back.

Session metadata, file changes, risky artifacts, and observed network connections are recorded on your machine for review.

local storeno telemetry

03 — SHARE ON PURPOSE

Promote only the signal.

Quarantine or hold back risky artifacts, then share only the context you have intentionally reviewed.

opt-instrict mode

04 — FILTER WITH YOUR MODEL

Bring your own reviewer.

Choose manual review, or run the captured context through the LLM and filters you trust before anything is promoted.

BYO LLMcustom filters