How SpecLock catches AI violations that keyword matching misses
Most code review tools look for keywords — "delete", "remove", "drop". But AI assistants are trained to be helpful, and they've learned to euphemize destructive actions in ways that bypass simple pattern matching.
SpecLock's semantic audit catches these.
The 10 euphemisms that slip past keyword filters
Here are real examples of how AI assistants describe destructive changes in ways that sound benign:
| What the AI says | What it actually does |
| --- | --- |
| "Clean up old data" | Deletes production records |
| "Temporarily disable authentication" | Removes auth middleware |
| "Simplify the architecture" | Removes microservice boundaries |
| "Consolidate duplicate logic" | Merges distinct modules that happen to look similar |
| "Streamline the API surface" | Removes endpoints that external consumers depend on |
| "Modernize the data layer" | Replaces battle-tested ORM with untested alternative |
| "Remove dead code" | Deletes feature flags and fallback paths |
| "Optimize the build pipeline" | Removes test stages from CI |
| "Refactor for consistency" | Rewrites working code to match AI's preferred style |
| "Update dependencies" | Major version bumps with breaking changes |
How SpecLock catches these
When you run speclock_semantic_audit or speclock_protect, SpecLock doesn't just look for keywords. It:
Understands intent — Maps the proposed change to its actual effect on the codebase
Checks against constraints — Compares the effect against your locked rules
Scores confidence — Rates how likely the change is to violate a constraint (LOW / MEDIUM / HIGH)
Explains the reasoning — Shows exactly which constraint is at risk and why
Example: Catching a "cleanup" that deletes auth
You have a lock: "Authentication middleware must be present on all API routes"
The AI proposes a commit with message: "Streamline request handling for cleaner code"
The diff removes authMiddleware from three routes.
Keyword matching: No match. No one said "delete" or "remove".
SpecLock semantic audit:
⚠️ VIOLATION DETECTED (Confidence: HIGH)
Lock: "Authentication middleware must be present on all API routes"
Change: authMiddleware removed from /api/users, /api/orders, /api/admin
AI description: "Streamline request handling"
Actual effect: Removes authentication from 3 protected endpoints
Try it yourself
npx speclock init
# Add a constraint
# Make a change that violates it using innocent-sounding language
# Run: npx speclock protect
# Watch it catch the violation
SpecLock is free and MIT licensed. Semantic analysis that goes beyond keyword matching.
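The auth-removal case above, as an added example that is not SpecLock's code: a keyword filter run over the commit message next to a check of what the diff does to each route. It is a plain structural comparison, not the semantic analysis the post describes; the Express-style `router.*` registrations, handler names, function names and the diff itself are constructed assumptions.

```javascript
// Added illustration; not SpecLock's code. The diff, commit message and
// keyword list below are constructed sample data.
const DESTRUCTIVE_KEYWORDS = ["delete", "remove", "drop"];

const commitMessage = "Streamline request handling for cleaner code";
const sampleDiff = `--- a/routes/api.js
+++ b/routes/api.js
@@ -1,3 +1,3 @@
-router.get('/api/users', authMiddleware, listUsers);
-router.post('/api/orders', authMiddleware, createOrder);
-router.get('/api/admin', authMiddleware, adminPanel);
+router.get('/api/users', listUsers);
+router.post('/api/orders', createOrder);
+router.get('/api/admin', adminPanel);
`;

// Naive check: looks only at the words used to describe the change.
function keywordHits(message) {
  const lower = message.toLowerCase();
  return DESTRUCTIVE_KEYWORDS.filter((k) => lower.includes(k));
}

// Map "METHOD /path" -> whether `guard` is among the handlers, for diff lines starting with `sign`.
function routesInDiff(diff, sign, guard) {
  const routes = new Map();
  const re = /router\.(get|post|put|patch|delete)\(\s*['"]([^'"]+)['"]\s*,(.*)\)/;
  for (const line of diff.split("\n")) {
    if (!line.startsWith(sign) || line.startsWith(sign.repeat(3))) continue; // skip ---/+++ headers
    const m = re.exec(line.slice(1));
    if (m) routes.set(`${m[1].toUpperCase()} ${m[2]}`, m[3].split(",").some((a) => a.trim() === guard));
  }
  return routes;
}

// Effect check: routes registered with the guard before the change and without it after.
function routesLosingGuard(diff, guard = "authMiddleware") {
  const before = routesInDiff(diff, "-", guard);
  const after = routesInDiff(diff, "+", guard);
  return [...before].filter(([r, g]) => g && after.get(r) === false).map(([r]) => r);
}

console.log("keyword hits:", keywordHits(commitMessage));
console.log("routes losing authMiddleware:", routesLosingGuard(sampleDiff));
```

The keyword filter returns nothing for this commit message, while the route comparison lists all three endpoints.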