Login

u/Cypher_AlwaysWatchin

r/ClaudeAI r/Anthropic r/BuildWithClaude
▲ 3 r/Anthropic

constraint-mcp v2 — now enforces what your code *means*, not just what it imports

A few days ago I posted constraint-mcp, an MCP server that enforces architectural rules on Claude Code at the tool level instead of the prompt level. Short version: Claude has to call check_write() before writing any file, which runs AST analysis and blocks the write if something's wrong. Got a lot of traction and the most common piece of feedback was some version of "this is great but AST only catches structural stuff."

Which is true. AST can catch "src/api/ must not import from src/db/" because that's a literal import statement. It can't catch "src/api/ must not contain database logic" because an agent can write raw SQL inside a handler using only local variables, no imports to flag, and every check passes. Structurally fine. Semantically wrong.

So I added a semantic enforcement layer to v2.

Three new rule types in SPEC.md:

## Semantic Constraints

### Domain Coherence
- `src/auth/` -- must match domain: "authentication, JWT, sessions, login, permissions"
  threshold: 0.35

### Semantic Coupling Bans
- `src/api/` -- must not contain: "SQL queries, database connections, ORM, cursor"
  threshold: 0.45

### Semantic Drift
- `src/core/auth.py` -- baseline: locked, max-drift: 0.15

Domain Coherence fails if a file's content is semantically irrelevant to what its module is supposed to be about. Coupling Bans fails if a file is semantically too close to a domain it shouldn't touch. Drift Detection embeds a baseline on first write and flags if subsequent writes stray too far from it, which catches gradual scope creep before it compounds.

Under the hood it uses fastembed with BAAI/bge-small-en-v1.5 (384 dimensions, about 22mb, fully CPU, about 20ms per check). No API key, no cloud calls, fully offline.

Violations are non-blocking by default so they show up as warnings in the agent's context first. You tune the thresholds until they feel right, then flip CONSTRAINT_MCP_SEMANTIC_STRICT=true to actually enforce them. The defaults are conservative on purpose.

Backward compatible, repos without a Semantic Constraints section behave exactly the same as v1.

git clone https://github.com/Christopher-Anandaraj/ConstraintMCP.git
cd ConstraintMCP
pip install -e .

https://github.com/Christopher-Anandaraj/ConstraintMCP

Would love feedback especially on threshold tuning, real codebases vary a lot. If you find it useful please feel free to contribute and star the repo!

reddit.com
u/Cypher_AlwaysWatchin — 18 hours ago
▲ 1 r/BuildWithClaude+1 crossposts

CLAUDE.md kept gaslighting me so I built something to stop it

I've been going hard on Claude Code for the past few weeks and kept hitting a wall. I'd write out a bunch of rules in CLAUDE.md (don't touch this file, never use requests, keep api/ and db/ separated) and Claude would just... ignore them. Not every time, but enough to make me crash out. And the worst part is it would even acknowledge the rule existed right before breaking it.

There's research showing models follow fewer than 30% of instructions correctly in multi-step agent scenarios. Claude Code also had a CVE earlier this year where deny rules were getting silently bypassed. The whole thing is just built on vibes.

So I built constraint-mcp. It's a local MCP server that enforces rules at the tool level instead of the prompt level. You define a SPEC.md with things like:

  • - No `requests` — use `httpx` only
  • - `src/core/auth.py` is read-only
  • - `src/api/` must never import from `src/db/`

Before Claude writes any file, it has to call `check_write()`. The server does actual AST analysis with tree-sitter, and if something's wrong it injects the exact violation back into Claude's context before the file is saved. Claude self-corrects.

The key thing is Claude literally cannot write a file without going through the check. That's the difference.

https://github.com/Christopher-Anandaraj/ConstraintMCP

Still early so would love feedback, especially if you've dealt with CLAUDE.md drift before.
If you find it useful please star the repo!

u/Cypher_AlwaysWatchin — 4 days ago