I run a multi-model AI pipeline for development. Claude Opus for architecture, GPT Codex for builds, Haiku for bulk operations, and local Qwen 2.5 (7B/14B) via Ollama for embeddings, code search, and classification. They generate code, create PRs, and run reviews. It’s productive until you realize the agent resets every session and forgets every rule you’ve ever written.
My agent has pushed code to main despite explicit instructions not to. Twelve times. Same rule, same instructions, same result. Rules don’t work on AI agents for the same reason New Year’s resolutions don’t work on humans. Knowing and doing are different problems.
The Failed Approaches
More rules didn’t help. I have an AGENTS.md, a SOUL.md, domain-specific rule files, knowledge cards. The agent reads them. It still breaks them when the immediate task overrides the process.
Stronger language didn’t help. “NEVER push to main” works exactly as well as “never” in all caps.
Corrections work for one session. Next session, clean slate.
What Actually Works
Mechanical Enforcement
A pre-push hook that rejects code pushes to main:
CODE_CHANGES=$(echo "$CHANGED" | grep -vE '(LICENSE|README|\.md$|\.gitignore)')
if [ -n "$CODE_CHANGES" ]; then
echo "BLOCKED: Direct push of code to main."
exit 1
fiInstalled on 39 repos. The agent physically cannot push code to main. README and LICENSE updates pass through because they don’t need PRs. The hook is smart enough to know the difference.
Key insight: don’t tell agents what not to do. Make it impossible.
Self-Improving Corrections
When I correct the agent, it captures the correction as a knowledge card with metadata (what went wrong, the correct approach, why). Weekly, it promotes recurring corrections into rule files. The rules write themselves.
This works because it’s automatic. The pipeline runs regardless of whether the agent “remembers” to update its rules.
Observability
I built an observability page showing session traces, token breakdown, tool usage patterns, and cost per session. Key finding: 94.2% prompt cache hit rate (good), but some sessions burn 10x the expected tokens (bad). Without observability, you’re flying blind.
Knowledge Card Memory
Replaced a 62KB monolithic memory file with 38 atomic knowledge cards (~350 tokens each). Semantic search pulls only relevant cards per task. Token burn dropped 97%, from 62KB to ~1.5KB per session.
The Pattern
Every mechanism that works shares one trait: it doesn’t depend on the agent remembering anything.
Git hooks live in the filesystem. Correction pipelines trigger automatically. Observability logs everything regardless. Knowledge cards are found by search, not recall.
If your AI agent governance strategy requires the agent to choose correctly, it will fail. Build systems where the right behavior is the default and the wrong behavior is blocked.
What This Looked Like in Practice
In one session today:
- Pre-push hooks deployed to 39 repos
- Self-improving correction pipeline with knowledge cards
- Agent observability dashboard (session traces, tool usage, cost)
- Config viewer for editing agent rules from a browser
- 27 tests generated by 3 parallel Codex agents, all passing
- Repo health scan across 54 GitHub repos (36 issues found)
- 21 LICENSE PRs created and merged automatically
- 9 npm vulnerability fix PRs opened
The productivity is real. The governance problem is also real. Both can be true. The answer is mechanical enforcement: stop writing rules, start building rails.
All of this is open source at github.com/solomonneas.
