Rigour

Open-source quality gates for AI coding agents

Open SourceAI Code Assistants AI Code Quality & Review Code Code GenerationAPI, Command Line Interface

What is Rigour?

Rigour is an open-source governance and quality control framework designed to manage and secure AI coding agents. It provides centralized control over various AI assistants including Claude, Cursor, Cline, Windsurf, and Copilot through a unified command interface. The tool addresses critical concerns in AI-assisted development by implementing three core governance mechanisms: Input DLP (Data Loss Prevention) that blocks credential leaks and sensitive information exposure, quality gates that enforce coding standards and best practices, and memory governance that controls what data agents retain and access. Built with zero telemetry, Rigour prioritise user privacy while enabling teams to maintain security and quality standards across their AI coding agent implementations.

Key Features

Input DLP blocks

Prevents credential leaks and sensitive data exposure before it reaches AI agents

Quality gates enforcement

Implements and maintains coding standards, best practices, and compliance rules across agent outputs

Memory governance

Controls what information agents retain, access, and reference during operations

Multi-agent compatibility

Unified control interface for Claude, Cursor, Cline, Windsurf, and Copilot

Single command governance

Centralized management of all connected AI coding agents from one control point

Zero telemetry

Full privacy protection with no data collection or external tracking

Pros & Cons

Advantages

Open-source project allows for community contribution, transparency, and customization
Addresses critical security gaps by preventing credential and sensitive data leaks
Unified interface simplifies governance across multiple different AI coding agents
Privacy-first approach with zero telemetry collection
Helps teams enforce consistent quality standards across AI-assisted development

Limitations

As an open-source tool, may require technical expertise to deploy and configure
Community-driven support model may have slower response times compared to commercial alternatives
Adoption limited to supported AI agents; incompatible with other emerging coding assistants

Use Cases

Enterprise teams enforcing security policies while using AI coding assistants

Organizations requiring compliance with data protection regulations (HIPAA, GDPR, SOC 2)

Development teams implementing quality gates and coding standards via AI agents

Companies concerned about credential exposure and accidental secret leaks in AI-generated code

Teams managing multiple AI coding agents and needing centralized governance