AI writes your code fast — Cursor, Copilot, whatever you run — but you're trusting one model. Nomos has a different one review every change before you merge, and seals a tamper-evident receipt. One command. One key. The AI that wrote it doesn't get to grade its own homework.
Point Nomos at the change you just made. A second, independent model reviews the diff — told to find what's wrong, not to agree — and gives you a verdict. Here it caught an auth bypass a "looks fine" review would wave through:
$ nomos verify --staged ▸ reviewing 11 diff lines with your second-seat model… ✗ FAIL — if (user.role = "admin") assigns instead of compares. The function now returns true for any user, mutates the input, and bypasses every authorization check. Revert it. ── receipt 14c8680b · independently checked by a different provider
FAIL exits non-zero — drop it in a pre-commit hook or CI and a bad change can't land. nomos verify --staged checks what you're about to commit; --against main reviews a whole branch.
The model that wrote the code is the worst judge of it — it's confident in exactly the places it's wrong. A different model, told to refute rather than agree, catches the bugs, edge cases, and security holes the first one was blind to. Nomos seals a content-hashed receipt of that review: tamper with the diff, the answer, the verdict, or even swap the reviewer model, and the id changes.
{ "proposer": { "model": "Cursor", "provider": "external" }, "verifier": { "model": "openai/gpt-5.5", "verdict": "FAIL" }, "cross_provider": true, "hash": "sha256…" }
It carries no secrets — commit it, attach it to a PR, hand it to a reviewer who wasn't there. Stop merging AI code on faith.
Verify with whatever you already pay for — Claude, GPT, Gemini, Kimi, GLM, Qwen, Grok, DeepSeek, MiniMax, or a local Ollama. 15 providers. The key stays on your machine, mode 0600.
nomos verify --staged in a git hook. --against main on a PR. A FAIL exits non-zero, so a bad change can't merge. --json for pipelines.
Need it to make the change as well? nomos run is a full coding agent — explore, surgical edits, run your tests — streaming, on the same one key.
One small, readable, sandboxed codebase. npm test runs 49 tests. MIT — fork it.
Nomos is free and MIT — today and always. $NOMOS is a community token on pump.fun: any creator rewards it generates go back into the open-source work. The tool stands on its own and doesn't depend on the token — the token just lets the community back the build, in the open.
Right now it's a CLI that catches what your AI missed. The vision: every AI change — your editor, your CI, your team's PRs — carries an independent, tamper-evident receipt. Built in the open; $NOMOS is how the community pitches in.
$NOMOS is a community token, not an investment — no promise of return, nothing here is financial advice.
One-key cross-provider verify + sealed receipts, 15 providers, MCP server, CI gating.
Log in with your existing ChatGPT or SuperGrok plan — no per-token API bill.
Editor plugins, PR bots, and the receipt as a portable, verifiable trust artifact.
Node 18+. One key — whatever model you want as the reviewer.