FAQ
Common questions.
Straight answers.
Everything you need to know before you install. If something’s missing, send it through .
Getting Started
How do I install Mault?
Install the Mault extension from the VS Code Marketplace. Run Mault: Initialize from the Command Palette (Cmd/Ctrl+Shift+P). This creates your config folder, registers the hooks, and prompts you to choose Core or Pro. Detectors activate on the next file save.
What are the requirements?
VS Code 1.96 or later, a workspace containing docs/mault.yaml with version: 1, and a trusted workspace for full functionality. Multi-agent workflows and runtime hooks require Claude Code. A Mault account is required.
Do I need to use the multi-agent workflow?
No. It’s completely optional. You can use Mault purely for its detectors, hooks, and CI governance gate without ever running the agent fleet. Core is free forever with architectural detectors, AI prompts, quick fixes, and basic runtime hooks.
Can I use Mault on an existing project?
Yes. The Production Readiness Kit detects what already exists. Has Git? Skip Step 1. Has a Dockerfile? Skip Step 3. Has pre-commit hooks? Skip Step 6. The rising-tide model grandfathers existing issues while blocking new ones, so you never get flooded with historical violations.
What detection levels are available?
Three levels: Gentle (3 detectors), Balanced (10 detectors), or Full (all detectors). Run Mault: Set Detection Level from the Command Palette to switch. Ratchets ensure quality only improves. Existing issues are grandfathered, new issues are blocked.
Compatibility
Does Mault work with Cursor, Copilot, and Windsurf?
Yes. All detectors and the CI governance gate work with any AI coding tool. Runtime hooks require Claude Code. For agents without Claude Code hooks, Monolith Detection and Missing Test Detection provide equivalent enforcement through the Problems Panel.
What languages and frameworks are supported?
Detectors are polyglot by default using file and folder pattern matching. Advanced detectors use import analysis and AST analysis for JavaScript/TypeScript and Python. Multi-agent flows are tested for TypeScript/JavaScript and Python. Production Readiness Kit templates are available for Go, Rust, Java, .NET, C++, Swift, and Julia.
Does Mault work outside of VS Code?
Mault is currently a VS Code extension. The CI governance gate runs in any CI environment that supports GitHub Actions. JetBrains and other editor support is on the roadmap.
How It Works
What actually happens when an agent breaks a rule?
It depends on the enforcement level. Warn: surfaces in the Problems Panel, agent can continue. Error: blocks the save, must resolve before proceeding. Hook deny: intercepted before the file is written. CI block: code is written but the PR cannot merge until gates pass.
How is this different from CLAUDE.md or .cursorrules?
Those are suggestions. Agents read them when convenient and ignore them when not. Mault enforces at the infrastructure level with file system hooks, workspace isolation, static analysis, and CI gates. The agent can’t opt out. Physics, not policy.
How is Mault different from SonarQube or Snyk?
SonarQube and Snyk analyze code after it’s written. Mault enforces rules while code is being written. Violations are intercepted in real time, inside the development workflow, before the code reaches a pull request. Mault also provides multi-agent orchestration and a structured production readiness path that static analysis tools don’t offer.
What are the 6 agent roles?
Planner builds the plan with you. Orchestrator creates atomic GitHub issues with zones, budgets, and dependency ordering. Worker picks up issues, writes code via TDD, and creates PRs. Review Agent merges PRs when all CI passes. Tester runs tests and verifies merged work. Compliance audits the completed cycle. Each role has minimum-permission allowlists. No role can do another role’s job.
How do agents stay out of each other's way?
Four layers of isolation. Atomic tasking: one issue = one branch = one PR. Worktree sharding: each worker gets its own git worktree so agents physically cannot overwrite each other’s files. PID identity: each agent session is tracked independently. Pull-based queue: workers self-select from a shared issue pool gated by dependency ordering.
What are the 5 runtime hooks?
Agent Bootstrap injects task boundaries and phase context at session start. Zone Boundary blocks file writes outside the declared zone. Budget Gate warns at 80% and blocks at 100% of file/LOC budget. Phase Gate prevents role overreach. Receipt Gate blocks session end without a structured completion receipt. All hooks fail-open outside managed sessions.
What does the Production Readiness Kit do?
A structured 9-step journey from “runs locally” to production-ready. Steps cover Git setup, secrets management, Docker, CI/CD pipelines, TDD frameworks, pre-commit hooks, Mault detectors, governance scripts, and AI coder testing rules. Steps 1-3 and Step 9 are free in Core. Steps 4-8 require Pro.
What are philosophy guides?
Fourteen battle-tested guides that explain the reasoning behind enforcement. AI coders read these and generate language-specific governance scripts. Examples include Rising Tide (tests must exceed 2x source size), Iron Dome (type-safety holes can only decrease), TDD (red-green-refactor with pure core pattern), and Ratchet Strategy (count violations, set baseline, block increases).
Can I customize the rules?
Yes. The Mault Rulebook (docs/mault.yaml) is fully configurable. You define which detectors are active, set enforcement levels per rule, and configure thresholds. Run Mault: Audit Configuration to validate your setup.
What does the Governance Gate CI do?
A GitHub Actions workflow that enforces Mault governance rules in CI. It detects your project’s language stack (9 stacks supported), runs Mault detectors as CI checks, and blocks PRs that introduce new violations using the rising-tide model. It integrates with branch protection rules.
What's the difference between Core and Pro hooks?
Core hooks use simple pattern matching for basic TDD enforcement. Pro hooks understand your project’s testing architecture and route to the correct pyramid layer. Pro also adds advanced size gates (warn at 300 LOC, fail at 600), session context injection, and hard-coded value scanning.
Is there a fully autonomous mode?
Yes, as an experimental feature. Same roles, same isolation, same enforcement. Agents hand off automatically without human clicks. Coming soon for community testing.
Security & Privacy
Does Mault send my code anywhere?
No user code is stored on external servers. All detectors run locally within VS Code. Network calls are limited to authentication, subscription validation, error reporting (no code content), and usage analytics (opt-out via mault.usage.enabled). No data is used for AI model training.
How are payments handled?
Payments are processed securely via Stripe. Mault never stores card details. Your payment information is handled entirely by Stripe’s PCI-compliant infrastructure.
Is Mault SOC 2 compliant?
Mault runs entirely locally and does not store or transmit your source code. For Enterprise customers with specific compliance requirements, talk to our team to discuss your needs.
Pricing
What's included in Core (free)?
All architectural detectors, AI-ready prompts for every finding, quick fix actions, basic runtime hooks, and Production Readiness Kit Steps 1-3 and Step 9. Core is free forever.
What does Pro add?
Everything in Core plus Multi-Agent Flows (6-role handoff chain), the full Production Readiness Kit (all 9 steps), advanced runtime hooks with layer awareness, and the Governance Gate CI. $99 one-time activation plus $7.99/month per user.
What is the one-time activation fee?
The $99 activation is a one-time setup fee for Pro. It unlocks Pro features immediately with a 30-day grace period included. After that, Pro is $7.99/month per user.
What happens if my Pro subscription lapses?
You return to Core Free. No data loss, no lock-in. Pro-only features become inactive until you resubscribe.
Do you offer Enterprise pricing?
Yes. Enterprise includes everything in Pro plus custom governance rule design, org-wide enforcement, tailored onboarding, dedicated support, CI/CD integration guidance, and policy customization. Talk to our team to learn more.
Still have questions? We’re happy to help.