Documentation
afterclick sits above every AI coding session — watching, remembering, and reviewing the work a single session can’t see past. This is what each part does, in plain terms.
afterclick installs in one paste. The AI that does the reviewing is included — there are no API keys to wire and nothing to configure.
$ curl -fsSL https://afterclick.ai/install.sh | sh
That connects the project to your workspace, installs the governance hooks into your AI coding tool, and starts watching every session immediately. To stop, run the uninstaller or disconnect the project from your dashboard — the hooks self-remove on the next session.
afterclick is deliberately quiet. It speaks at exactly two moments — when a change touches something dangerous, and when you ship — and otherwise just logs what happened so you have a record.
How much it looks, and how much that costs, is one setting — the Care Level.
One knob decides who reviews and how often. It’s the main cost lever: cheaper levels run fewer advisors.
Removing afterclick is as clean as installing it — one paste reverses everything install.sh did.
$ curl -fsSL https://afterclick.ai/uninstall.sh | sh
That strips the governance hooks from your AI coding tool, clears the repo’s local .gov state, and revokes this machine’s token on the dashboard. Two flags narrow it down:
--repo-only — stop governing just this repo; the machine stays connected for your other projects.--keep-token — remove the local files but leave the token active on the dashboard.You can also just disconnect the project from your dashboard — the hooks then self-remove on the next session. Either way, nothing about afterclick lingers.
Before a session builds something substantial, afterclick can run a short kickoff meeting: the advisor panel reads the plan and surfaces the complications, the decisions to make first, and anything the change will ripple into — the coordinate-with-the-team step a solo builder usually skips.
It’s scoped to real work. A session that’s only reviewing or reading code declares itself review-only and the meeting stands down automatically — no meeting, no cost.
This is the part a single session structurally can’t do. afterclick sees what every one of your sessions and worktrees is touching at once — so when two sessions are about to edit the same file, it warns you before one clobbers the other, and can hold a merge until the conflict is resolved.
Clobbers and regressions aren’t bad code — they’re a coordination failure. The architect acts as a live cross-session conflict radar so parallel work stops stepping on itself.
Claude Code starts each session fresh — afterclick is the friend that holds the long-term memory between them: every session, the files touched, the decisions made, the roadmap, and how each feature works are all kept at the project level and read back into each new session at startup.
So before Claude writes a line it has the full picture — and won’t rebuild something that already exists or re-ask a decision you made last week.
Reviews are a sequence of specialists at Claude’s side — each with a job, at the moment it matters: before you build (Plan), when the work is done (Review), and before it goes live (Ship). Which advisors run depends on the Care Level.
Reviews the plan for complications before any code is written, then reviews the built diff for design problems and bugs.
Surfaces the decisions you should make first — the forks that quietly bite three commits later if left unmade.
The always-on floor. Flags risky or destructive changes on every review, even at the most relaxed setting.
Hunts for security holes — exposed secrets, missing authorization, injection, unsafe defaults.
Reviews the actual screens against a screenshot and asks for tests. Runs on Strict (a visual review).
Plans the ship order — what merges first, what clobbers what — and reads whether it’s safe to go live.
The free, always-on floor. Deterministic checks that run instantly and offline, silent unless a genuinely catastrophic pattern matches — then they stop it cold. No AI call, no latency, no noise. Think smoke detector, not reviewer.
DROP TABLE in a routine migration.rm -rf over a directory that isn’t meant to be deleted.AI coding agents read a lot of untrusted text — files, web pages, tool and command output — and a malicious instruction hidden in there can try to hijack the agent into leaking a secret, weakening a safeguard, or planting a backdoor.
afterclick watches for exactly that. When a change looks like it’s following instructions that came from content the agent read rather than from you — disabling a guard, setting up persistence, exfiltrating data, fetching and running code — it flags it, quotes the suspicious source, and asks you to confirm before it’s carried out.
The backstop before production. When you ship, the Release manager reads the whole picture — what’s changed, what depends on what, whether a parallel session’s work would ride along or get clobbered — and plans the safe merge order. It’s the one comprehensive review, run once, at the moment it counts.
Shipping is where parallel sessions get dangerous — two deploys racing to production, one quietly overwriting the other. So production promotes through a single, real deploy lock: only one thing ships at a time, and everything else waits in an ordered queue.
The result: no two deploys ever race, and nothing reaches your users by accident.
afterclick-native branch protection, enforced where the work happens. It catches force-pushes and deletions of protected branches, and direct pushes that should go through a pull request — surfaced in plain English before they land, not after.
It’s advisory by default and policy-driven, and it stands down while you legitimately hold the deploy lock, so it guards the branch without getting in the way of a real ship.
A per-project board that replaces session goals. Every plan, fix, and idea becomes a card in one of four columns — Inbox, Planned, In progress, Done — so nothing gets parked and forgotten.
afterclick reads the board before each session (so a new session knows what’s already planned and doesn’t duplicate it) and adds to it as you work. Cards carry a type, a priority, a checklist, and which sessions touched them.
Hand afterclick the wheel and it keeps the roadmap moving. A Product Owner ranks your roadmap, picks the next safe, high-priority card, and a governed run builds it, verifies it on staging, and stages it for your sign-off — then moves to the next.
It’s cost-capped, it stops the moment something genuinely needs your judgment, and it never deploys to production on its own. You stay the one who promotes to prod — it just does the safe, well-understood work in between.
An encrypted vault for the API keys your project needs, organized by provider and environment. Keys are stored encrypted at rest and revealed only to you — so the AI can use a credential without it ever being pasted into your code or committed to the repo.
A living description of how each feature in your project actually works. Before the AI researches a feature by reading the code, it reads the catalog — so it starts from the truth instead of re-deriving it every time. When a feature changes, the catalog is updated to match. It’s how the project’s knowledge compounds instead of being rediscovered each session.
Every session is logged to your dashboard — what was done, which files were touched, and a change-and-rollback record — so the oversight is something you can see, not take on faith. A Needs Attention view surfaces buried env and config problems before they get lost in the back-and-forth of a long session.
Safety you can’t see is hard to trust, so afterclick keeps a running, plain-English feed of the real things it caught for you — the cross-session clobber it held, the regression it flagged, the risky deploy it paused — each linked to the session responsible.
It’s the receipts: proof the team layer is earning its keep, and a record you can look back on (or share) instead of taking the oversight on faith.
afterclick catches the catastrophic, knowable risks before they ship — the clobber, the dropped table, the leaked key, the regression. It is not a guarantee that your app is bulletproof, and it doesn’t replace a senior engineer for deep, multi-layer debugging.
We say this plainly on purpose: a safety tool that claims to catch everything is one you can’t trust. It’s the team that catches the disasters — not a promise that none exist.
The deterministic tripwires run locally and offline. The deeper LLM review runs server-side and only on the sensitive changes you’ve opted into via the Care Level — UI, copy, and refactors are skipped. You decide how much afterclick looks at, and you can opt a repository out entirely.
afterclick is built for Claude Code first and best, and is agent-neutral under the hood. Support for more coding agents is on the roadmap, so the same friend follows you across tools.