Deterministic architecture governance for codebases that ship with AI. Drop-in for Claude Code. SHACL/SPARQL-backed. SARIF output.
AI coding agents are fast enough now that pull-request review can't keep up. The reviewer is looking at code that was generated in seconds, justified in paragraphs, and shaped by intent the human didn't write. The architectural decision was made earlier — in the agent's prompt context — and PR review is too late to undo it cheaply.
The honest fix is not slower agents. It is a deterministic gate before the agent stops: a check, run on every session, that says this conforms to the architecture, or it doesn't, and here is the exact violation. Not a vibe. Not a probabilistic critique. A SHACL shape, a SPARQL surface, and a SARIF report the IDE already knows how to render.
ArchTrace is that gate. It runs before the stop hook fires. It speaks the architecture graph fluently because it owns it. And it produces evidence — not opinions — that a senior engineer or a compliance reviewer can sign.
Every AI session is checked against SHACL shapes before the stop hook fires. A violation is a violation — with a citation. There is no "the model seems unsure here." There is a rule, a graph, and a line of code.
Architecture, modules, dependencies, contracts, ownership, security boundaries, deployment. Each lives as a named graph. Every shape and policy is a SPARQL query over those graphs — auditable, versionable, diffable.
Findings ship as SARIF 2.1.0. VS Code, JetBrains, GitHub annotations, and Azure DevOps render them without extra plumbing. Reviewers see the violation in the file, not in a PDF.
Drop-in for Claude Code. The agent learns the architecture from the same surface that gates it — so the second draft has fewer violations than the first, and the architecture stops drifting on the way to production.
The architecture graph isn't a diagram. It's a queryable substrate. Every rule the AI is held to is a SPARQL query over the seven named graphs — written, reviewed, and versioned by engineers, not invented at runtime.
Architectural policies, layer constraints, and ownership invariants are queries over the same graphs the IDE indexes. A SHACL shape is a constraint; a SPARQL query is the proof.
# shape:NoUiToDbDirect — forbid UI → DB calls ASK FROM <g:arch> FROM <g:deps> { ?call a :Invocation ; :fromLayer :UI ; :toLayer :Persistence . }
Registered as a stop-hook plugin. Every session is checked before the agent reports done. Findings are returned to the agent for repair, then re-checked.
[[plugins]] name = "archtrace" command = "archtrace gate --stop-hook" stages = ["pre-stop"] on_violation = "return-to-agent"
Run locally, in pre-commit, or as a guardrail step. Returns SARIF, exits non-zero on violation, supports targeted re-runs by named graph.
# gate the working tree against the architecture $ archtrace gate \ --graph arch,deps,contracts \ --output sarif \ > archtrace.sarif # 3 findings · 2 errors · 1 warning
A single job in GitHub Actions, GitLab CI, or Azure Pipelines. Uploads SARIF for code-scanning UI. Blocks merge on errors; surfaces warnings as inline annotations.
name: Architecture on: [pull_request] jobs: gate: runs-on: ubuntu-latest steps: - uses: ivbis/archtrace@v1 with: fail-on: error upload-sarif: true
Three real rules from a typical engagement, written in plain SHACL. Click one and watch the SARIF report on the right update to match — the same report your IDE renders inline. The format is open on both sides; no intermediate vendor lock.
Where ArchTrace governs the architecture an agent ships against, PlanTrace governs the plan an agent ships from. Same governance discipline, opposite end of the lifecycle. Together they bracket the AI loop.
Explore PlanTrace →
ArchTrace ships as a Claude Code plugin, a CLI, and a CI action.
Start with a sentence about the codebase you'd like to put it on. We reply within two business days.