An espalier trains a fruit tree to grow flat along a wall — pruned, wired, productive, impossible to mistake for a wild one. Espalier does the same for your AI coding agents: discover the patterns already in your codebase, encode them as constraints, get code that lands inside your conventions on the first try, not the fifth.
AI coders write plausible-looking code that doesn't match your codebase. It's not a model intelligence problem. It's an unwritten rules problem — patterns every experienced developer on the team knows but nobody documented. The model can't read your team's Slack history.
It writes a new formatDate() helper when you already have one three folders away.
It carves a component into four files when the team keeps colocated views in one.
It reaches for winston when the project standardised on pino two years ago.
It handles errors with throw when your repo committed to Result<T> in 2022.
The model can't read your team's Slack history.
Espalier reads your code, extracts those rules, and writes them down as machine-enforceable constraints. The next time the AI codes, it loads your project's rules automatically and follows them. A reviewer agent — different agent, different tool set — checks against the same rules before any commit lands.
Ten concurrent scouts inspect architecture, coding patterns, testing posture, CI, unwritten rules, and per-layer specs. An oracle pulls vendor docs in parallel. No templates from other projects.
Patterns become rules/ always-loaded into Claude Code, skills/ loaded per phase, wiki/ on demand. Every rule cites the observed pattern that justifies it.
A separate reviewer agent (Read/Grep only — no Write) checks each output. Pre-push hooks block layer-boundary violations. Failed gates roll back; rollback counters escalate to humans.
After /espalier-init, a single per-project directory wires into Claude Code via symlinks. Hover any path to see what it does and when it loads.
After init, your repo exposes two orchestrators. Each stage has a programmatic gate, each gate either passes deterministically or rolls back. Brass dots are gates; failed gates accumulate into a counter that triggers human escalation.
git blame + reverse-lookup cache + squash-merge mapping to bind the fix back to the feature change that caused it.| Prefix | Type | Output directory |
|---|---|---|
| feat: (or no prefix) | Feature | espalier/changes/feat/<slug>/ |
| refactor: | Refactor | espalier/changes/refactor/<slug>/ |
| docs: | Docs | espalier/changes/docs/<slug>/ |
| fix: | Bug fix | use /espalier-fix instead |
Stage 1 → Stage 2 → Stage 3 used to chain automatically — coding began the moment the requirement doc existed. Now both pipelines stop after the requirement is written and reviewed, and wait for your explicit go-ahead. A Stage 2 PASS no longer authorizes coding on its own.
requirements.md.
v0.11.0 — the push gate actually blocks now. Claude Code hooks block only on exit code 2 with the message on stderr — the old gates’ exit 1 was a silent no-op. Every gate script and wrapper speaks the real contract (the wrapper fails closed without python and matches git -C … push and multi-line commands), the Stage 4/6 gates read the verdict word — closing the FAIL-with-P1-only and ESCALATION_REQUIRED-as-PASS holes — the reviewer/security agents get a record-file-scoped Write tool, and .claude/ symlinks go relative so a moved repo keeps working. Existing users run /espalier-migrate.
v0.9.1 — the review-round and rollback hard stops are now configurable. How many coder↔reviewer rounds run before the pipeline stops and asks a human used to be hardcoded prose (Max 2 P0 rounds) in the pipeline templates. It now lives in a tracked espalier/.espalier-config — max-req-rounds, max-code-rounds, max-test-rounds, max-rollbacks — that the orchestrator reads at runtime, falling back to 3 when a key is absent so a missing file never blocks. Defaults unify to 3 (code and test caps rise 2→3). Existing users run /espalier-migrate.
v0.9.0 — Stage 4 now runs a two-agent panel. Alongside the correctness reviewer, a new harness-security auditor checks the change's trust boundary on one rule — never trust data the frontend sent. It hard-blocks any sensitive field (price, userId, role, orderId, status) the backend fails to re-derive, re-authorize, or recompute, and requires an abuse test proving the tampered value is rejected and never persisted. The coder reads the same taxonomy while writing, so security shifts left. /espalier-audit runs the same auditor repo-wide over your existing code, dispatchable to /espalier-fix. The release also adds an always-loaded production-standards bar — resilience, observability, data-safety — the coder writes to and the reviewer enforces at tiered severity, plus a fail-closed push gate and a programmatic build/lint gate.
v0.8.2 — code review is now a fixpoint loop. When the reviewer files a P0 and the coder fixes it, the fix is re-reviewed — the only way out is a fresh review of the current code returning zero P0, so a new bug introduced by the fix can't slip through unreviewed. A push-gate certificate binds the verdict to a fingerprint of the reviewed source, so a fix that skips re-review fails closed at push time.
v0.8.1 — the coder and reviewer sub-agents now reason about every surface a change touches — admin / CRUD UIs, API validation, client forms, persisted data, other callers — not just the happy path. Closes a class of fix-round where a now system-derived value left "required" on a UI blocks the user before the server-side hook ever runs.
Existing users run /espalier-migrate — it auto-detects your version and applies the chain (… v0.9.4 → v0.10.0 → v0.11.0) in order.
New pipeline runs get the loop; in-flight changes are unaffected. Non-breaking.
/espalier-ask <question> answers "how does this work / where is it / why is it built this way / what changed recently" — reading the espalier/ docs you already paid to build, instead of crawling the whole codebase from scratch every time.
changes/ records, before any from-scratch codebase search.file:line on every claim; fall back to a code search when the docs come up short.changes/ folder. No stages, no gates.
Two notify-only byproducts: a stale wiki it trips over while answering gets flagged (the same signal /espalier-doctor produces, pointing you at /espalier-prune), and a question the docs can't answer is logged to a git-tracked .ask-gaps.tsv — a backlog of what the wiki should cover next.
Existing users run /espalier-migrate — it auto-detects your version and applies the chain (… v0.6 → v0.7) in order.
Purely additive — no pipeline change. Non-breaking.
A vague requirement — or an unconfirmed bug diagnosis — that passes Stage 1 is trusted by every later stage, and no later gate audits it. /espalier now grills that input first, turning an under-specified ask into one a coding agent can execute without guessing.
requirements.md.spec for /espalier requirements, diagnosis for /espalier-fix root causes — so the lane never patches a symptom on an unconfirmed theory.--no-grill skips one invocation; an unattended (no-TTY) run auto-skips so the pipeline never hangs.
Change folders are now date-prefixed — changes/feat/2026-06-02-add-login/ — so a directory listing sorts chronologically.
Existing users run /espalier-migrate — it auto-detects your version and applies the chain (… v0.5 → v0.6) in order.
Stage 1 grilling is additive and interactive-only. Non-breaking.
The artifacts /espalier-init generates describe your codebase on init day. As code evolves, v0.5.0 keeps them in sync — without ever silently overwriting anything you wrote.
Existing users on v0.4.x or earlier run /espalier-migrate — it auto-detects your installed version and applies the migration chain (v0.1 → v0.2 → v0.4 → v0.5) in order.
Drift detection is additive. Non-breaking for v0.4 installs.
/espalier-init is a heavy one-time tax — typically 10–15 minutes on a medium codebase (~150 source files). Every subsequent /espalier and /espalier-fix reuses what's generated.
rules/, always cached, no re-discovery.
/espalier-doctor flag artifacts as they age.
/espalier-init in USDMedium repo, ~150 source files. Across ~5–10 features you earn this back via dropped rework rounds.
| Setup | Per run |
|---|---|
| Opus everywhere (no cache) | $10–20 |
| Opus main + Sonnet scouts (no cache) | $4–8 |
| Opus main + Sonnet scouts + cache hits (typical) | $2–5 |
| Sonnet everywhere + cache | $1–3 |
When an agent makes an error, engineer its elimination — not with prompt tweaks, but with files, rules, automated checks, and system structure.
Read the actual code, extract patterns. Never impose templates from other projects.
ci_status == 'success' AND tests_passed == total, not "check if CI passes".
Coder and reviewer are different invocations with different tool sets. Reviewer gets Read/Grep only.
Rules always loaded. Skills per phase. Agents see only their scope. Wiki on demand.
Either reflects an observed pattern, or prevents a known failure mode. Nothing arbitrary.
An espalier is a tree that hasn't forgotten what shape it's meant to hold.
Marketplace install is the standard path. Manual clone is for hacking on Espalier itself. Project-scoped drops a single skill into one repo without going global.
Recommended. Updates flow in via /plugin update espalier-engineering.
For users not on the plugin path, or while iterating on Espalier itself.
Update with cd ~/repos/espalier-engineering && git pull.
Drop the skill inside a single project rather than installing globally.