← Back to search

Rigour Labs | AI Agent Governance — DLP, Quality Gates & Memory Control

rigour.run

Govern every AI coding agent from a single command. Input DLP blocks credential leaks, quality gates enforce standards, memory governance controls what agents remember. Works with Claude, Cursor, Cline, Windsurf, and Copilot. Zero telemetry.

35
Basic
Agentic Readiness Score
Raise this score to 95+
We ship the 6-file GEO uplift as a pull request against your repo. Flat fee, turnaround under 72 hours.
Fix this for $199 →
ai-tools llms-txtai-friendlyaidevtools

Agentic Signals

📄
llms.txt ↗
Found
🤖
ai-plugin.json
Not found
📖
OpenAPI Spec
Not found
🔗
Structured API
Not found
🛡
AI Bot Access (robots.txt) ↗
Allowed
🏷
Schema.org Markup
Found
MCP Server
Not found

Embed this badge

Show off your agentic readiness — the badge auto-updates when your score changes.

Agentic Ready 35/100 

            

        

        

        
        

            
llms.txt Content

            
# Rigour Labs

> AI Agent Governance. One command. Every agent. Block credential leaks, enforce quality gates, control what agents remember.

## What is Rigour?

Rigour is the governance layer for AI coding agents. It provides three layers of protection: Input DLP (blocks credential leaks with 29 patterns), Quality Gates (deterministic PASS/FAIL on every file write), and Memory Governance (controls what agents remember). Works with Claude, Cursor, Cline, Windsurf, and Copilot. 100% local, zero telemetry.

## Core Problem

AI agents leak credentials, write ungoverned code, and persist data in uncontrolled memory files. Without governance, every AI coding agent is a compliance risk. Rigour adds the missing control layer.

## Three Layers of Protection

### 1. Input DLP (Data Loss Prevention)
Scans every agent input for credentials before they reach the AI model.
- 29 credential patterns: AWS keys, GCP service accounts, Azure tokens, API keys (OpenAI, Anthropic, GitHub, Stripe, SendGrid), database URLs, JWTs, private keys
- Shannon entropy detection catches base64/hex encoded secrets
- Unicode normalization defeats zero-width character bypass attempts
- OWASP LLM Top 10: 10/10 coverage

### 2. Quality Gates
Real-time hooks fire on every file write across all AI agents.
- Deterministic PASS/FAIL: file size, complexity, security patterns, hallucinated imports, AI drift
- Deep LLM analysis across 40+ code quality categories
- Supports: TypeScript, JavaScript, Python, Go, Rust, Java

### 3. Memory & Skills Governance
Controls what agents persist and where.
- Blocks writes to native agent memory: .cursorrules, CLAUDE.md, .clinerules
- Blocks writes to agent skills: .claude/skills/, .cursor/rules/, .windsurf/rules/
- DLP scanning on recall — blocks tainted stored credentials
- Configurable via rigour.yml

## Install

```bash
npx @rigour-labs/cli init
# or
brew tap rigour-labs/tap && brew install rigour
```

## Products

### Rigour CLI
Core governance engine. Runs locally w