ECC Tools is an open-source agent harness system designed to bridge the gap between local AI coding workflows and repository-native automation. Created by Affaan Mustafa, ECC stands at the center of a large ecosystem, offering a tripartite architecture that includes a distribution layer, a protection layer, and a control-plane layer. At its core, ECC provides an open-source harness toolkit that includes reusable skills, commands, hooks, and agents compatible with popular coding harnesses like Claude Code, Codex, Cursor, and OpenCode. This ecosystem allows developers to maintain consistency across different tools without being locked into a single editor or vendor environment.

Functionality of the system centers on turning repository history into actionable insights and reusable standards. By installing the ECC Tools GitHub App, teams can trigger an analysis of their repository's git history, conventions, and workflow patterns. The system then generates a reviewable pull request containing suggested skills, defaults, and guardrails tailored to the team's specific practices. This workflow ensures that AI coding agents learn from the codebase's history rather than starting from scratch, fostering a more consistent and productive development environment.

Some of the key features are:

• Repo-native Guidance: Converts existing commit history and workflow patterns into reusable team standards through automated pull requests.
• AgentShield Security: An open-source scanner that audits agent configurations like CLAUDE.md, .cursorrules, and agents.json for security vulnerabilities, offering red-team adversarial prompt testing and blue-team guardrail validation.
• Cross-Harness Portability: Standardizes skills, hooks, and agent behavior across multiple coding harnesses including Claude Code, Codex, Cursor, and OpenCode.
• Continuous Learning: Employs an instinct-based system that observes sessions to capture and surface reusable patterns with confidence scoring.
• Selective Install Builder: Allows developers to create lean, customized install profiles from a catalog of over 150 skills, agents, and commands.
• Review-first Automation: Ensures that all generated defaults and guardrails arrive as standard pull requests for manual approval, preventing silent or unwanted changes.

Operationally, teams can start for free by installing the ECC Tools GitHub App on a public repository or by using the universal local installer, ecc-universal. The system is designed to be additive; teams can begin with the open-source toolkit locally and later layer on GitHub App automation, security auditing with AgentShield, or enterprise-grade reporting and governance as their coordination requirements increase. The GitHub App provides the operational interface for recurring PR audits and team-wide policy enforcement, while the OSS repository remains the hub for discovering and sharing new agentic capabilities.

Some common use cases include:

• Automated Workflow Standardization: Automatically generating and maintaining project-specific coding standards based on historical team conventions.
• Agentic Security Auditing: Using AgentShield to proactively scan for risky agent configurations, prompt injection vectors, and broad tool permissions before deploying new coding standards.
• Multi-Harness Policy Enforcement: Applying consistent security and coding guardrails across diverse development environments, ensuring that all agents adhere to the same team policies regardless of the editor used.
• Structured Test-Driven Development: Enforcing test-first development loops and quality gates automatically for agents operating within the repository.
• Organization-wide Rollout: Scaling AI agent adoption by providing a unified governance layer that supports procurement, SSO, and team-specific configuration packs.