The Product

How LOCI fits your loop.

One signal layer.Plan, Write, PR, Merge.Claude Code, Cursor, Copilot.

Talk to Us
LOCI Signal Layer · the premise

One signal layer. Every stage of your loop.

Plug in at one stage or the full pipeline. Each stage runs LOCI and emits its own signal class.

LOCI signal layer
Plug in atone stageorthe full pipeline

Plan

loci preflight · MCP

agent loops with LOCI pre-commit

See the round-trip
</>

Write

loci post-edit · MCP

same skill as /plan, fn-level as agent codes

See how /post-edit talks back

PR

quality finding

Pushback / Pass · one click to forensics

See how the PR talks back

Merge

contract envelope

blocks if the binary busts the envelope

See the contract envelope

Each stage is independently useful, or run the full layer for continuous coverage.

also on this page →/plan mechanismPR mechanismSignalsYour LadderAgent + PluginBuild Your Own
/plan mechanism · MCP, not CI

How /plan talks back.

Agent calls loci preflight before committing. Evidence in seconds, agent-agnostic. No CI step, no instrumentation.

  1. 01 · /PLAN

    Agent calls loci preflight

    Claude Code · Cursor · Codex invoke loci preflight as an MCP skill. Local, agent-agnostic. No CI step. No webhook. No separate reviewer.

    MCP tool call · agent-side

  2. 02 · EXPOSE

    loci-plugin reads the diff + prior binary

    Pre-commit and pre-push hooks expose the working diff and the previous baseline binary to the MCP server. No source upload. Just what the binary changed.

  3. 03 · COMPILE & DIFF

    Incremental compile · CFG · ptxas · timing

    LOCI compiles the change, diffs the CFG against baseline, runs ptxas + the timing model. Returns Pushback or Pass with single-shot evidence.

    Pushback · regs 132 / budget 128 · occ 32%

  4. 04 · REVISE

    Agent reads evidence, revises in-place

    “Good catch. I missed it.” Re-invokes preflight on the revised plan (cp.async). Pass. Plan approved · implement · (next: PR → loci-guard re-runs).

    Pass · regs 84 · model 1.32×

Where the skill runs

loci preflight · architectureMCP skill · local

  1. Agent

    Developer + Agent

    Claude Code · Cursor · Codex · agent-agnostic

  2. LOCI MCP server

    loci preflight skill

    incremental compile · CFG · ptxas · timing

  3. Repo

    Local repo

    loci-plugin · pre-commit hooks · diff + prior binary

Agent-agnostic. The plugin sits in the repo, the MCP server runs locally or in your VPC. Nothing leaves your machine that you didn't commit.

One /plan, end to end

/plan · one MCP round-trip

Sequence

claude-code

agent

loci-plugin

in repo

LOCI MCP

preflight

  1. 1.
    claude-code LOCI MCP

    /plan · invoke loci preflight (MCP tool call)

  2. 2.
    LOCI MCP loci-plugin

    read diff + prev binary · via loci-plugin

  3. 3.
    LOCI MCP LOCI MCP

    incremental compile · CFG diff · ptxas + timing

  4. 4.
    LOCI MCP claude-codePushback

    return: Pushback · regs 132 / budget 128 · occ 32%

  5. 5.
    claude-code claude-code

    claude-code reads evidence · “Good catch. I missed it”

  6. 6.
    claude-code LOCI MCP

    re-invoke preflight · revised plan (cp.async)

  7. 7.
    LOCI MCP loci-plugin

    re-read with plugin

  8. 8.
    LOCI MCP LOCI MCP

    re-compile · re-check ptxas + CFG

  9. 9.
    LOCI MCP claude-codePass

    return: Pass · regs 84 · model 1.32×

Plan approved → implement → PR → loci-guard re-runs on the real binary.View on LOCI app

Two round-trips. Verdict first time was Pushback. Agent revised in-place to a constant-time variant. Second pass: Pass. No human in the loop yet.

Not a test replacementSame skill is later called by the PR pipeline (next section) on the real merged binary.
Your ladder

Set the ladder once. LOCI guards within it.

You decide when LOCI acts: silent, advisory, gating, or autonomous. Per gate, per repo.

L1 · Watch

Silent surface. Evidence available on demand. Zero PR noise.

L2 · Advise

PR comment with verdict + drill-down. Never blocks; you decide.

L3 · Gate

Blocks merge on critical-gate failure. Advises on the rest.

L4 · Auto

Takes corrective action (reject PR · open revert · escalate). Notifies you after.

Per gate·Per repo·Audit trail

You set the rung for Safety, Performance, Power, and AppSec independently. Every verdict is logged and reversible.

From the loop · what Claude says about LOCI

Claude Codeverbatim
It's not just a timing tool. The execution-aware signaling trains you to think: every line of code is an instruction sequence with real hardware consequences. Variable sizes, memory lifetimes, call ordering — they all show up in the assembly.
Claude Code· BLE_TI session · 2026-04
Pull Request mechanism

How the PR talks back.

One verdict on the PR. One click to evidence. Reviewer and agent see the same data.

  1. 01 · OPEN

    Agent opens the PR

    Diff lands in GitHub or GitLab. Source-only. No behavior info. The reviewer can't see what's about to change at runtime.

  2. 02 · READ

    LOCI reads the compiled binary

    Worst-case timing, energy, stack pressure and side-channel risk measured against main. No instrumentation, no runs.

    34,728 functions · 2 commits · <12s

  3. 03 · POST

    Verdict lands on the PR

    One comment. Pushback · Advisory · Proceed, with the one-line reason and a link to the full forensics.

  4. 04 · OPEN EVIDENCE

    One click · evidence opens

    The LOCI app opens to the exact view that defends the verdict. WCET bars per input, variance, attack model, traced hot path.

What the coding agent gets back & the engineer sees on the PR

LOCI Guardcommented on PR #24622 min ago · binary delta
Pushbackecdsa_sign() · constant-time property lost. Timing correlates with secret-bit count.

WCET sweep across 64 input patterns: floor 30 ns · ceiling 105 ns · variance 3.3×. Matches CVE-2019-1547 signature recovery pattern.

View timing evidence

One comment per PR. Verdict + one-line reason + a deep-link to the timing forensics. No noise, no spam.

What opens when they click “View timing evidence”

LOCI · timing evidence · ecdsa_sign · aarch64

Forensics

WCET per input pattern (64 sampled)

k = 0x00..
30 ns
k = 0x01..
32 ns
k = 0x0F..
62 ns
k = 0x3F..
88 ns
k = 0x7F..
98 ns
k = 0xFF..
105 ns

Higher bits → longer execution. Linear correlation = recoverable side-channel.

Variance

3.3×

floor → ceiling spread

Attack model

~219 sig

to recover the secret

Hot path

ecdsa_sign → scalar_mul → window_lookup

conditional branch on secret bits

Reviewer sees the same data the agent reasons over.Open in LOCI

Same artifact for human reviewer and coding agent. Both reason over the same evidence.

Built on the LCLM engine · evidence is reproducible · same binary in, same signals out.

Merge mechanism · Contract Envelope

How merge stays inside the envelope.

PR-time delivers a finding. Merge-time enforces the envelope. Block if the binary busts it.

4

Guarded

1

Proposed

0

Violations

0

Twin commits

TimingGuarded

T_IFS critical path envelope

135.00 µs

72.00 µs measured

RF + LL ISR combined
(RF_scheduleCmd path + Hwi_dispatchC + Swi_run)

TimingGuarded

RF command path (FSM + schedule + dispatch)

3.50 µs

2.42 µs measured

RF_fsmActiveState + RF_scheduleCmd + Hwi_dispatchC

TimingGuarded

ISR total latency

1.85 µs

1.19 µs measured

Hwi_dispatchC (≤ 1.2 µs) + Swi_run (≤ 650 ns) combined

HeapProposed

OSAL heap alloc worst-case

0.25 µs

0.25 µs measured

osal_mem_alloc on CC2674P10 · LOCI-derived from osal_memory.c

Top heap sites (skeleton)

totalStaticB: 6,144 B
osal_mem_alloc → osal_pool_alloc (32 B)

Stack envelope

+

Add your envelope from loci.contract.toml

Energy envelope

+

Define mJ-per-event budgets the gate will enforce on merge

Guardedenforced on merge · regression trips CI gate
Proposedfrom ingest · promote in your workflow

Real measurements · TI BLE5-Stack · CC2674P10

Know how your software behaves. before it runs.

Use LOCI to predict execution, guide decisions, and keep AI-generated software inside its quality contract.

Talk to Us