npm - speclock - Versions diffs - 1.3.1 → 1.4.0 - Mend

speclock 1.3.1 → 1.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/README.md CHANGED Viewed

@@ -1,9 +1,11 @@
 # SpecLock
-**AI Continuity Engine** — MCP server + npm package that kills AI amnesia. Works with Lovable, Claude Code, Cursor, Bolt.new, and more.
+**AI Constraint Engine** — Memory + enforcement for AI coding tools. The only solution that makes your AI **respect boundaries**, not just remember things.
 > Developed by **Sandeep Roy** ([github.com/sgroy10](https://github.com/sgroy10))
+**Website**: [sgroy10.github.io/speclock](https://sgroy10.github.io/speclock/) | **npm**: [npmjs.com/package/speclock](https://www.npmjs.com/package/speclock) | **Smithery**: [smithery.ai/servers/sgroy10/speclock](https://smithery.ai/servers/sgroy10/speclock)
 [![npm version](https://img.shields.io/npm/v/speclock.svg)](https://www.npmjs.com/package/speclock)
 [![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg)](https://opensource.org/licenses/MIT)
 [![MCP Compatible](https://img.shields.io/badge/MCP-Compatible-green.svg)](https://modelcontextprotocol.io)
@@ -13,73 +15,78 @@
 ## The Problem
-Every AI coding tool forgets. Every. Single. Session.
+AI tools now have memory. Claude Code has auto-memory. Cursor has Memory Bank. Mem0 exists.
+**But memory without enforcement is dangerous.**
-- Claude Code forgets the decisions you made yesterday
-- Cursor forgets the constraints you set last week
-- Codex rebuilds what another agent already built
-- Your AI agent violates rules it agreed to 3 sessions ago
+- Your AI remembers you use PostgreSQL — then switches to MongoDB because it "seemed better"
+- Your AI remembers your auth setup — then rewrites it while "fixing" a bug
+- Your AI remembers your constraints — then ignores them when they're inconvenient
+- You said "never touch auth files" 3 sessions ago — the AI doesn't care
-**AI amnesia is the #1 productivity killer in AI-assisted development.**
+**Remembering is not the same as respecting.** AI tools need guardrails, not just memory.
 ## The Solution
-SpecLock maintains a `.speclock/` directory inside your repo that gives every AI agent perfect memory — across sessions, across tools, across time.
+SpecLock adds **active constraint enforcement** on top of persistent memory. When your AI tries to break something you locked, SpecLock **stops it before the damage is done**.
 ```
-.speclock/
-├── brain.json         # Structured project memory
-├── events.log         # Append-only event ledger (JSONL)
-├── patches/           # Git diffs captured per event
-└── context/
-    └── latest.md      # Always-fresh context pack for any AI agent
-```
+You:    "Don't ever touch the auth files"
+AI:     🔒 Locked: "Never modify auth files"
-**SpecLock = MCP Server + Project Instructions.**
+... 5 sessions later ...
-The MCP server gives the AI tools for memory and constraint checking. The project instructions force the AI to use them on every action — automatically. Together, they create an active guardrail that prevents AI coding tools from breaking your work.
+You:    "Add social login to the login page"
+AI:     ⚠️ CONFLICT: This violates your lock "Never modify auth files"
+        Should I proceed or find another approach?
+```
-**No context is ever lost. No constraints ever violated.**
+No other tool does this. Not Claude's native memory. Not Mem0. Not CLAUDE.md files.
-## Why SpecLock Wins
+## How SpecLock Is Different
-| Feature | CLAUDE.md / .cursorrules | Chat History | Memory Plugins | **SpecLock** |
-|---------|--------------------------|--------------|----------------|--------------|
-| Structured memory | Static files | Noise-heavy | Generic | **Structured brain.json** |
-| Constraint enforcement | None | None | None | **Active lock checking** |
-| Conflict detection | None | None | None | **Semantic + synonym matching** |
-| Drift detection | None | None | None | **Auto-scan against locks** |
-| Git-aware | No | No | No | **Checkpoints, diffs, reverts** |
-| Multi-agent | No | No | Partial | **Full session timeline** |
-| Auto-suggestions | No | No | No | **AI-powered lock suggestions** |
-| Cross-tool | Tool-specific | Tool-specific | Tool-specific | **Universal MCP** |
+| Feature | Claude Native Memory | Mem0 | CLAUDE.md / .cursorrules | **SpecLock** |
+|---------|---------------------|------|--------------------------|--------------|
+| Remembers context | Yes | Yes | Manual | **Yes** |
+| **Stops the AI from breaking things** | No | No | No | **Yes — active enforcement** |
+| **Semantic conflict detection** | No | No | No | **Yes — synonym + negation analysis** |
+| Works on Bolt.new | No | No | No | **Yes — npm file-based mode** |
+| Works on Lovable | No | No | No | **Yes — MCP remote** |
+| Structured decisions/locks | No | Tags only | Flat text | **Goals, locks, decisions, changes** |
+| Git-aware (checkpoints, rollback) | No | No | No | **Yes** |
+| Drift detection | No | No | No | **Yes — scans changes against locks** |
+| Multi-agent timeline | No | No | No | **Yes** |
+| Cross-platform | Claude only | MCP only | Tool-specific | **Universal (MCP + npm)** |
 **Other tools remember. SpecLock enforces.**
 ## Quick Start
-### 1. Connect SpecLock to Your AI Tool
+### Bolt.new / Aider / Any npm Platform (No MCP Needed)
-**Lovable** (no install needed):
+Just tell the AI:
-1. Go to **Settings → Connectors → Personal connectors → New MCP server**
-2. Enter URL: `https://speclock-mcp-production.up.railway.app/mcp` — No auth
-3. Enable it in your project's prompt box
+```
+"Install speclock and set up project memory"
+```
-**Claude Code** — Add to `.claude/settings.json` or `.mcp.json`:
+Or run it yourself:
-```json
-{
-  "mcpServers": {
-    "speclock": {
-      "command": "npx",
-      "args": ["-y", "speclock", "serve", "--project", "."]
-    }
-  }
-}
+```bash
+npx speclock setup --goal "Build my app"
 ```
-**Cursor** — Add to `.cursor/mcp.json`:
+**That's it.** The AI reads `SPECLOCK.md`, follows the rules, and uses CLI commands. Tested on Bolt.new — the AI ran 17 commands automatically on first install, setting up goals, locks, and decisions without any configuration.
+### Lovable (MCP Remote — No Install)
+1. Go to **Settings → Connectors → Personal connectors → New MCP server**
+2. Enter URL: `https://speclock-mcp-production.up.railway.app/mcp` — No auth
+3. Paste [Project Instructions](#project-instructions) into Knowledge
+### Claude Code (MCP Local)
+Add to `.claude/settings.json` or `.mcp.json`:
 ```json
 {
@@ -92,104 +99,85 @@ The MCP server gives the AI tools for memory and constraint checking. The projec
 }
 ```
-**Windsurf / Cline / Any MCP tool** — Same pattern as above.
-**Bolt.new / Aider / Any platform with npm** (NEW in v1.3.0):
-No MCP needed. Just tell the AI:
-```
-"Install speclock and set up project memory"
-```
-Or run it yourself:
-```bash
-npx speclock setup --goal "Build my app"
-```
-This creates:
-- `SPECLOCK.md` — AI rules file (the AI reads this automatically)
-- `.speclock/brain.json` — Project memory
-- `.speclock/context/latest.md` — Context file for the AI
-**That's it.** The AI reads `SPECLOCK.md`, follows the rules, and uses CLI commands (`npx speclock lock "..."`, `npx speclock check "..."`, etc.) instead of MCP tools. Tested and working on Bolt.new — the AI ran 17 commands automatically on first install.
-### 2. Add Project Instructions (Required for MCP platforms)
-> **This is the critical step.** Without project instructions, the AI has the tools but won't use them automatically. With them, SpecLock becomes an active guardrail.
+### Cursor / Windsurf / Cline
-Copy-paste the rules below into your platform's project instruction settings:
+Same MCP config as Claude Code. Add to `.cursor/mcp.json` or equivalent.
-| Platform | Where to paste |
-|----------|----------------|
-| **Lovable** | Project Settings → Knowledge |
-| **Cursor** | `.cursorrules` file in project root |
-| **Claude Code** | `CLAUDE.md` file in project root |
-| **Windsurf** | `.windsurfrules` file in project root |
+### Project Instructions
-**The rules to paste:**
+For MCP platforms, paste these rules into your platform's instruction settings (Lovable Knowledge, .cursorrules, CLAUDE.md, etc.):
 ```
 ## SpecLock Rules (MANDATORY — follow on every message)
-1. START OF EVERY CONVERSATION: Call speclock_session_briefing FIRST. Read all locks, decisions, and goals before doing anything else. Show a brief summary: "🔒 Memory loaded — X locks, Y decisions."
-2. BEFORE WRITING OR MODIFYING ANY CODE: Call speclock_check_conflict with a description of what you're about to change. If a conflict is found with HIGH confidence, STOP and tell me which lock would be violated. Do NOT proceed unless I explicitly say to override it.
+1. START: Call speclock_session_briefing FIRST. Show: "🔒 Memory loaded — X locks, Y decisions."
+2. BEFORE CHANGES: Call speclock_check_conflict. If HIGH conflict, STOP and warn.
+3. LOCK: When user says "never/always/don't touch" → call speclock_add_lock immediately.
+4. AFTER FEATURES: Call speclock_log_change with summary + files affected.
+5. UNLOCK: When user wants to change something locked → warn first, only proceed on confirm.
+6. END: Call speclock_session_summary with what was accomplished.
+```
-3. WHEN I SAY "lock this", "never touch this", "don't ever change this", "this is critical", or similar: Immediately call speclock_add_lock with my exact constraint. Confirm with: "🔒 Locked: [constraint]"
+See [SPECLOCK-INSTRUCTIONS.md](SPECLOCK-INSTRUCTIONS.md) for platform-specific versions.
-4. AFTER COMPLETING ANY FEATURE OR SIGNIFICANT CHANGE: Call speclock_log_change with a summary of what was built/changed and which files were affected. Also call speclock_add_decision if an architectural choice was made.
+## What It Looks Like In Practice
-5. WHEN I ASK TO REMOVE OR CHANGE SOMETHING THAT WAS LOCKED: Warn me first: "⚠️ You locked this: [constraint]. Want me to unlock it and proceed?" Only proceed if I confirm.
+### Bolt.new — Session 1 (Setup)
+```
+User: "Install speclock and set up memory for my SaaS"
-6. END OF CONVERSATION: Call speclock_session_summary with what was accomplished.
+Bolt: ✓ Ran npx speclock setup
+      ✓ Set goal: "Build B2B SaaS API"
+      ✓ Added 6 locks (auth, security, rate limiting...)
+      ✓ Recorded 7 decisions (Supabase, Stripe, Gemini...)
+      ✓ Context file generated — project memory active
 ```
-See [SPECLOCK-INSTRUCTIONS.md](SPECLOCK-INSTRUCTIONS.md) for platform-specific versions and detailed examples.
+### Bolt.new — Session 2 (Full Memory)
+```
+User: "Create a plan for the API endpoints"
-### 3. Start Building
+Bolt: ✓ Read project context (6 locks, 7 decisions)
+      ✓ Created 10-phase plan respecting ALL constraints
+      ✓ All plans use Supabase (locked), Bearer auth (locked)
+      ✓ Logged planning phase back to SpecLock
+```
-That's it. Now when you chat with your AI tool:
+### Any Platform — Constraint Enforcement
+```
+You:    "Add social login to the login page"
+AI:     ⚠️ CONFLICT (HIGH — 100%): Violates lock "Never modify auth files"
+        Reasons:
+        - Direct keyword match: auth
+        - Synonym match: security, authentication
+        - Lock prohibits this action (negation detected)
+        Should I proceed or find another approach?
+```
-1. **Every session starts**: AI auto-loads your project memory — goals, constraints, decisions, history
-2. **During work**: AI auto-captures decisions, logs changes, checks constraints before modifying code
-3. **Constraint protection**: If the AI tries to break something you locked, it stops and warns you
-4. **Every session ends**: AI records what was accomplished
-5. **Next session**: Full continuity — the AI remembers everything from all previous sessions
+## Killer Feature: Semantic Conflict Detection
-## How It Works In Practice
+Not just keyword matching. SpecLock uses **synonym expansion** (15 groups), **negation detection**, and **destructive action flagging**:
-### You lock something important:
-```
-You:  "Don't ever touch the auth files"
-AI:   🔒 Locked: "Never modify auth files"
 ```
+Lock:   "No breaking changes to public API"
+Action: "Remove the external endpoints"
-### AI checks before every change:
-```
-You:  "Add social login to the login page"
-AI:   ⚠️ This conflicts with your lock: "Never modify auth files"
-      Should I proceed anyway, or find another approach?
+Result: [HIGH] Conflict detected (confidence: 85%)
+  - synonym match: remove/delete, external/public, endpoints/api
+  - lock prohibits this action (negation detected)
+  - destructive action against locked constraint
 ```
-### New session, full memory:
-```
-You:  "Let's keep working on the dashboard"
-AI:   🔒 Memory loaded — 5 locks, 3 decisions, 2 sessions tracked.
-      Last session you added the payment page and locked the auth files.
-      Ready to work on the dashboard.
-```
+## Three Integration Modes
-### You change your mind:
-```
-You:  "Actually, unlock the auth files, I need to change them"
-AI:   You locked: "Never modify auth files". Want me to unlock this?
-You:  "Yes"
-AI:   🔓 Unlocked. Proceeding with auth file changes.
-```
+| Mode | Platforms | How It Works |
+|------|-----------|--------------|
+| **MCP Remote** | Lovable, bolt.diy, Base44 | Connect via URL — no install needed |
+| **MCP Local** | Claude Code, Cursor, Windsurf, Cline | `npx speclock serve` — 19 tools via MCP |
+| **npm File-Based** | Bolt.new, Aider, Rocket.new | `npx speclock setup` — AI reads SPECLOCK.md + uses CLI |
-## MCP Tools (19)
+## 19 MCP Tools
 ### Memory Management
 | Tool | Purpose |
@@ -206,11 +194,11 @@ AI:   🔓 Unlocked. Proceeding with auth file changes.
 ### Change Tracking
 | Tool | Purpose |
 |------|---------|
-| `speclock_log_change` | Manually log a significant change |
+| `speclock_log_change` | Log a significant change |
 | `speclock_get_changes` | Get recent tracked changes |
-| `speclock_get_events` | Get event log (filterable by type/time) |
+| `speclock_get_events` | Get event log (filterable) |
-### Continuity Protection
+### Enforcement & Protection
 | Tool | Purpose |
 |------|---------|
 | `speclock_check_conflict` | Check action against locks (semantic matching) |
@@ -230,97 +218,32 @@ AI:   🔓 Unlocked. Proceeding with auth file changes.
 | `speclock_detect_drift` | Scan changes for constraint violations |
 | `speclock_health` | Health score + multi-agent timeline |
-## Killer Features
-### Semantic Conflict Detection
-Not just keyword matching — SpecLock understands synonyms, negation, and destructive intent:
-```
-Lock: "No breaking changes to public API"
-Action: "remove the external endpoints"
-Result: [HIGH] Conflict detected (confidence: 85%)
-  - synonym match: remove/delete, external/public, endpoints/api
-  - lock prohibits this action (negation detected)
-  - destructive action against locked constraint
-```
-### Auto-Lock Suggestions
-SpecLock analyzes your decisions and notes for commitment language and suggests constraints:
-```
-Decision: "Always use REST for public endpoints"
-→ Suggestion: Promote to lock (contains "always" — strong commitment language)
-Project mentions "security" but has no security lock
-→ Suggestion: "No secrets or credentials in source code"
-```
-### Drift Detection
-Proactively scans recent changes against your locks:
-```
-Lock: "No database schema changes without migration"
-Change: "Modified users table schema directly"
-→ [HIGH] Drift detected — review immediately
-```
-### Multi-Agent Timeline
-Track which AI tools touched your project and what they did:
-```
-Health Check — Score: 85/100 (Grade: A)
-Multi-Agent Timeline:
-- claude-code: 12 sessions, last active 2026-02-24
-- cursor: 5 sessions, last active 2026-02-23
-- codex: 2 sessions, last active 2026-02-20
-```
 ## CLI Commands
 ```bash
-# Setup (NEW in v1.3.0)
-speclock setup --goal "Build my app"   Full one-shot setup (init + SPECLOCK.md + context)
+# Setup
+speclock setup --goal "Build my app"   # One-shot: init + rules + context
-# Memory Management
-speclock init                          Initialize SpecLock
-speclock goal <text>                   Set project goal
-speclock lock <text> [--tags a,b]      Add a SpecLock constraint
-speclock lock remove <id>              Remove a lock
-speclock decide <text>                 Record a decision
-speclock note <text>                   Add a note
+# Memory
+speclock goal <text>                   # Set project goal
+speclock lock <text> [--tags a,b]      # Add a constraint
+speclock lock remove <id>              # Remove a lock
+speclock decide <text>                 # Record a decision
+speclock note <text>                   # Add a note
-# Change Tracking
-speclock log-change <text> --files x   Log a significant change (NEW in v1.3.0)
-speclock context                       Generate and print context pack
+# Tracking
+speclock log-change <text> --files x   # Log a change
+speclock context                       # Regenerate context file
-# Protection
-speclock check <text>                  Check for lock conflicts (NEW in v1.3.0)
+# Enforcement
+speclock check <text>                  # Check for lock conflicts
 # Other
-speclock facts deploy --provider X     Set deploy facts
-speclock watch                         Start file watcher
-speclock serve [--project <path>]      Start MCP server
-speclock status                        Show brain summary
+speclock status                        # Show brain summary
+speclock serve [--project <path>]      # Start MCP server
+speclock watch                         # Start file watcher
 ```
-## Three Integration Modes
-SpecLock works everywhere because it adapts to your platform:
-| Mode | Platforms | How It Works |
-|------|-----------|--------------|
-| **MCP Remote** | Lovable, bolt.diy, Base44 | Connect via URL — no install needed |
-| **MCP Local** | Claude Code, Cursor, Windsurf, Cline | `npx speclock serve` — 19 tools via MCP |
-| **npm File-Based** | Bolt.new, Aider, Rocket.new | `npx speclock setup` — AI reads SPECLOCK.md + uses CLI |
-SpecLock is infrastructure, not a competitor. It makes **every** AI coding tool better.
 ## Architecture
 ```
@@ -335,7 +258,7 @@ SpecLock is infrastructure, not a competitor. It makes **every** AI coding tool
                │                  │
 ┌──────────────▼──────────────────▼────────────────────┐
 │              SpecLock Core Engine                      │
-│   Memory | Tracking | Protection | Git | Intelligence │
+│   Memory | Tracking | Enforcement | Git | Intelligence│
 └──────────────────────┬───────────────────────────────┘
                        │
                 .speclock/
@@ -364,4 +287,4 @@ MIT License - see [LICENSE](LICENSE) file.
 ---
-*SpecLock v1.3.0 — Because no AI session should ever forget.*
+*SpecLock v1.3.1 — Because remembering isn't enough. AI needs to respect boundaries.*

package/package.json CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "name": "speclock",
-  "version": "1.3.1",
-  "description": "AI continuity engine — MCP server + CLI that kills AI amnesia. Maintains project memory, enforces constraints, and detects drift across AI coding sessions.",
+  "version": "1.4.0",
+  "description": "AI constraint engine — MCP server + CLI with active enforcement. Memory + guardrails for AI coding tools. Works with Bolt.new, Claude Code, Cursor, Lovable.",
   "type": "module",
   "main": "src/mcp/server.js",
   "bin": {

package/src/cli/index.js CHANGED Viewed

@@ -11,6 +11,8 @@ import {
   checkConflict,
   watchRepo,
   createSpecLockMd,
+  guardFile,
+  unguardFile,
 } from "../core/engine.js";
 import { generateContext } from "../core/context.js";
 import { readBrain } from "../core/storage.js";
@@ -69,7 +71,7 @@ function refreshContext(root) {
 function printHelp() {
   console.log(`
-SpecLock v1.3.0 — AI Continuity Engine
+SpecLock v1.4.0 — AI Constraint Engine
 Developed by Sandeep Roy (github.com/sgroy10)
 Usage: speclock <command> [options]
@@ -80,6 +82,8 @@ Commands:
   goal <text>                     Set or update the project goal
   lock <text> [--tags a,b]        Add a non-negotiable constraint
   lock remove <id>                Remove a lock by ID
+  guard <file> [--lock "text"]    Inject lock warning into a file (NEW)
+  unguard <file>                  Remove lock warning from a file (NEW)
   decide <text> [--tags a,b]      Record a decision
   note <text> [--pinned]          Add a pinned note
   log-change <text> [--files x,y] Log a significant change
@@ -95,11 +99,13 @@ Options:
   --source <user|agent>           Who created this (default: user)
   --files <a.ts,b.ts>             Comma-separated file paths
   --goal <text>                   Goal text (for setup command)
+  --lock <text>                   Lock text (for guard command)
   --project <path>                Project root (for serve)
 Examples:
   npx speclock setup --goal "Build PawPalace pet shop"
   npx speclock lock "Never modify auth files"
+  npx speclock guard src/Auth.tsx --lock "Never modify auth files"
   npx speclock check "Adding social login to auth page"
   npx speclock log-change "Built payment system" --files src/pay.tsx
   npx speclock decide "Use Supabase for auth"
@@ -336,6 +342,45 @@ Next steps:
     return;
   }
+  // --- GUARD (new: file-level lock) ---
+  if (cmd === "guard") {
+    const flags = parseFlags(args);
+    const filePath = flags._[0];
+    if (!filePath) {
+      console.error("Error: File path is required.");
+      console.error('Usage: speclock guard <file> --lock "constraint text"');
+      process.exit(1);
+    }
+    const lockText = flags.lock || "This file is locked by SpecLock. Do not modify.";
+    const result = guardFile(root, filePath, lockText);
+    if (result.success) {
+      console.log(`Guarded: ${filePath}`);
+      console.log(`Lock warning injected: "${lockText}"`);
+    } else {
+      console.error(result.error);
+      process.exit(1);
+    }
+    return;
+  }
+  // --- UNGUARD ---
+  if (cmd === "unguard") {
+    const filePath = args[0];
+    if (!filePath) {
+      console.error("Error: File path is required.");
+      console.error("Usage: speclock unguard <file>");
+      process.exit(1);
+    }
+    const result = unguardFile(root, filePath);
+    if (result.success) {
+      console.log(`Unguarded: ${filePath}`);
+    } else {
+      console.error(result.error);
+      process.exit(1);
+    }
+    return;
+  }
   // --- FACTS ---
   if (cmd === "facts") {
     const sub = args.shift();

package/src/core/engine.js CHANGED Viewed

@@ -700,37 +700,45 @@ export async function watchRepo(root) {
 // --- SPECLOCK.md generator (for npm dependency / file-based mode) ---
 export function createSpecLockMd(root) {
-  const mdContent = `# SpecLock — Project Memory Active
+  const mdContent = `# SpecLock — AI Constraint Engine Active
-This project uses **SpecLock** for AI continuity across sessions.
-Read \`.speclock/context/latest.md\` for full project context before making changes.
+## MANDATORY: Read this BEFORE doing anything.
-## Rules (follow on every message)
+This project uses **SpecLock** for AI constraint enforcement.
-1. **START OF EVERY MESSAGE**: Read \`.speclock/context/latest.md\` for project memory — goals, constraints (locks), decisions, and recent changes. If the file doesn't exist, run \`npx speclock context\` to generate it.
+**STOP. Before writing or modifying ANY code, you MUST:**
+1. Read \`.speclock/context/latest.md\` for project memory
+2. Run \`npx speclock check "what you plan to change"\`
+3. If conflict found → STOP and warn the user
-2. **BEFORE MODIFYING CODE**: Run \`npx speclock check "description of what you plan to change"\`. If a conflict is found (HIGH confidence), STOP and warn the user which constraint would be violated. Do NOT proceed unless the user explicitly says to override.
+**If a file starts with "SPECLOCK-GUARD — DO NOT MODIFY" → DO NOT EDIT IT.**
-3. **WHEN USER SAYS "lock this", "never touch", "don't change", "always", "critical"**: Run \`npx speclock lock "the exact constraint"\`. Confirm: "Locked: [constraint]"
+## Rules (MANDATORY — every message, no exceptions)
-4. **AFTER COMPLETING A FEATURE OR SIGNIFICANT CHANGE**: Run \`npx speclock log-change "what was built/changed" --files file1.tsx,file2.ts\`. Then run \`npx speclock context\` to refresh the context file.
+1. **FIRST ACTION OF EVERY MESSAGE**: Read \`.speclock/context/latest.md\`. This contains all project constraints (locks), decisions, and goals. Show: "Memory loaded — X locks, Y decisions." If the file doesn't exist, run \`npx speclock context\`.
+2. **BEFORE MODIFYING ANY CODE — EVERY TIME**: Run \`npx speclock check "description of what you plan to change"\`. If a conflict is found (HIGH confidence), STOP IMMEDIATELY. Tell the user which constraint would be violated. Do NOT proceed unless the user explicitly overrides. THIS IS THE MOST IMPORTANT RULE.
+3. **WHEN USER SAYS "lock this", "never touch", "don't change", "always", "critical"**: Run \`npx speclock lock "the exact constraint"\`. Then run \`npx speclock guard <file> --lock "constraint"\` on the specific files to inject a lock warning directly into the file. Confirm: "Locked: [constraint]"
+4. **AFTER COMPLETING A FEATURE OR CHANGE**: Run \`npx speclock log-change "what was built" --files file1.tsx,file2.ts\`.
 5. **WHEN AN ARCHITECTURAL DECISION IS MADE**: Run \`npx speclock decide "the decision"\`
-6. **WHEN USER WANTS TO CHANGE SOMETHING LOCKED**: Warn first: "This is locked: [constraint]. Want me to unlock and proceed?" If confirmed, run \`npx speclock lock remove <lockId>\`
+6. **WHEN USER WANTS TO CHANGE SOMETHING LOCKED**: Warn first. If confirmed, run \`npx speclock lock remove <lockId>\` and \`npx speclock unguard <file>\` to remove the file guard.
 ## Quick Reference
 \`\`\`bash
-npx speclock status                              # See brain summary
-npx speclock context                             # Regenerate context file
+npx speclock check "what you plan to do"         # CHECK BEFORE CHANGES
 npx speclock lock "constraint text"              # Add a constraint
+npx speclock guard src/Auth.tsx --lock "text"    # Inject lock into file
+npx speclock unguard src/Auth.tsx                # Remove file lock
 npx speclock lock remove <lockId>                # Remove a constraint
-npx speclock decide "decision text"              # Record a decision
 npx speclock log-change "what changed"           # Log a change
-npx speclock check "what you plan to do"         # Check for conflicts
-npx speclock goal "project goal"                 # Set/update goal
-npx speclock note "important note"               # Add a note
+npx speclock decide "decision text"              # Record a decision
+npx speclock context                             # Regenerate context file
+npx speclock status                              # See brain summary
 \`\`\`
 ## How It Works
@@ -740,9 +748,94 @@ SpecLock maintains a \`.speclock/\` directory with structured project memory:
 - \`events.log\` — immutable audit trail
 - \`context/latest.md\` — human-readable context (read this!)
-Every command automatically refreshes the context file so it's always up to date.
+**Guarded files** have a lock warning header injected directly into the source code.
+When you see "SPECLOCK-GUARD" at the top of a file, that file is LOCKED.
 `;
   const filePath = path.join(root, "SPECLOCK.md");
   fs.writeFileSync(filePath, mdContent);
   return filePath;
 }
+// --- File-level lock guard ---
+const GUARD_MARKERS = {
+  js: { start: "// ", block: false },
+  ts: { start: "// ", block: false },
+  jsx: { start: "// ", block: false },
+  tsx: { start: "// ", block: false },
+  py: { start: "# ", block: false },
+  rb: { start: "# ", block: false },
+  sh: { start: "# ", block: false },
+  css: { start: "/* ", end: " */", block: true },
+  html: { start: "<!-- ", end: " -->", block: true },
+  vue: { start: "<!-- ", end: " -->", block: true },
+  svelte: { start: "<!-- ", end: " -->", block: true },
+  sql: { start: "-- ", block: false },
+};
+const GUARD_TAG = "SPECLOCK-GUARD";
+function getCommentStyle(filePath) {
+  const ext = path.extname(filePath).slice(1).toLowerCase();
+  return GUARD_MARKERS[ext] || { start: "// ", block: false };
+}
+export function guardFile(root, relativeFilePath, lockText) {
+  const fullPath = path.join(root, relativeFilePath);
+  if (!fs.existsSync(fullPath)) {
+    return { success: false, error: `File not found: ${relativeFilePath}` };
+  }
+  const content = fs.readFileSync(fullPath, "utf-8");
+  const style = getCommentStyle(fullPath);
+  // Check if already guarded
+  if (content.includes(GUARD_TAG)) {
+    return { success: false, error: `File already guarded: ${relativeFilePath}` };
+  }
+  const warningLines = [
+    `${style.start}${"=".repeat(60)}${style.end || ""}`,
+    `${style.start}${GUARD_TAG} — DO NOT MODIFY THIS FILE${style.end || ""}`,
+    `${style.start}LOCKED BY SPECLOCK: ${lockText}${style.end || ""}`,
+    `${style.start}Run "npx speclock check" before ANY changes to this file.${style.end || ""}`,
+    `${style.start}If you modify this file, you are VIOLATING a project constraint.${style.end || ""}`,
+    `${style.start}${"=".repeat(60)}${style.end || ""}`,
+    "",
+  ];
+  const guarded = warningLines.join("\n") + content;
+  fs.writeFileSync(fullPath, guarded);
+  return { success: true };
+}
+export function unguardFile(root, relativeFilePath) {
+  const fullPath = path.join(root, relativeFilePath);
+  if (!fs.existsSync(fullPath)) {
+    return { success: false, error: `File not found: ${relativeFilePath}` };
+  }
+  const content = fs.readFileSync(fullPath, "utf-8");
+  if (!content.includes(GUARD_TAG)) {
+    return { success: false, error: `File is not guarded: ${relativeFilePath}` };
+  }
+  // Remove everything from first marker line to the blank line after last marker
+  const lines = content.split("\n");
+  let guardEnd = 0;
+  let inGuard = false;
+  for (let i = 0; i < lines.length; i++) {
+    if (lines[i].includes(GUARD_TAG)) inGuard = true;
+    if (inGuard && lines[i].includes("=".repeat(60)) && i > 0) {
+      guardEnd = i + 1; // Skip the blank line after
+      if (lines[guardEnd] === "") guardEnd++;
+      break;
+    }
+  }
+  const unguarded = lines.slice(guardEnd).join("\n");
+  fs.writeFileSync(fullPath, unguarded);
+  return { success: true };
+}