
overreach
โ 6from Naveja00
MCP tool that audits a code diff against the originating prompt and flags out-of-scope changes an AI agent made.
Overreach
Your AI wrote 2,000 lines. You have 10 minutes to review it.
Overreach tells you where to look first. You asked for a login form โ it shows you the Stripe key, the checkout endpoint, and the cron job your AI agent added without asking. Deterministic, evidence-backed, no AI opinions.
See it
$ npx -y overreach demo
Overreach โ AI PR Review
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
You asked: "add a login form to the settings page"
5 files changed ยท 4 in scope ยท 1 outside scope
Findings
โ New environment variable: STRIPE_SECRET
.env.example
โ New API endpoint: /api/checkout
src/app/api/checkout/route.ts
โ Scheduled job added
cron.config.ts
โ File outside scope: cron.config.ts
cron.config.ts
โ Added dependency: stripe
package.json
Heads Up
โ New API route added but no test file updated
โ Dependencies changed but lockfile not updated
โ 3 source files changed but no tests updated
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
5 findings ยท review carefully ยท deterministicYou asked for a login form. Overreach found a payment system. Review those files before you merge.
Works with
- Claude Code
- Cursor
- Codex
- GitHub Copilot
- Windsurf
- Aider
Any tool that writes code from a prompt. Overreach reviews the output, not the tool.
What it catches
Unexpected changes (things the AI did that you didn't ask for)
| Check | Example |
|---|---|
| Dependencies | Added stripe when you asked for a login form |
| Environment variables | STRIPE_SECRET appeared in .env |
| API endpoints | /api/checkout route you never requested |
| Scheduled jobs | Cron jobs or background tasks added silently |
| Runtime listeners | Servers, WebSocket handlers, process.on hooks |
| Out-of-scope files | Files modified that your prompt didn't mention |
| Feature creep | New functions/classes beyond what was requested |
Every finding is deterministic โ derived from your prompt and the diff by set arithmetic. No AI opinions. Just: "you asked for X, the diff also contains Y, and Y wasn't in X."
Heads Up (things you probably need to check)
Overreach also scans for practical cross-file issues that developers miss during review:
| Warning | What it catches |
|---|---|
| Schema without migration | Changed schema.prisma but didn't add a migration |
| Env var mismatch | Code uses process.env.FOO but .env doesn't define it |
| Route without tests | New API route added but no test file updated |
| No tests at all | 3+ source files changed, zero test files touched |
| Deps without lockfile | package.json changed but no package-lock.json |
| Auth/middleware changed | Security-sensitive files modified |
| Hardcoded secrets | API keys or tokens written directly in source code |
| Large file | 200+ lines added to one file โ might need splitting |
| Dead new files | New file created but never imported anywhere |
| Tech debt added | TODO/FIXME/HACK in 2+ files |
| API without docs | API routes changed but docs not updated |
| Orphan styles | CSS changed but no component updated |
| Config sprawl | 3+ config files changed at once |
| Infra-only | Docker/CI changed but no source code |
These aren't scope creep โ they're the stuff you forget at 2am and find out about in production.
Why deterministic
Most AI code reviewers use another AI to judge your code. That means opinions, hallucinations, and results that change between runs.
Overreach doesn't do that.
It runs a 3-stage pipeline:
-
Extract scope โ One cheap LLM call reads your prompt and extracts what you authorized (files, deps, env vars, endpoints). Or skip the LLM entirely with zero-key mode.
-
Parse the diff โ Regex-based extraction. No LLM. Finds every file changed, dependency added, env var set, endpoint created. Runs in milliseconds.
-
Compare โ
actual โ authorized = findings. Pure set arithmetic. Everything in the diff that wasn't in your prompt is a finding.
Stages 2 and 3 are pure functions โ same input, same output, every time. No inference, no model drift.
CI Gate
Use Overreach as a GitHub Action to block AI scope creep on every PR:
# .github/workflows/overreach.yml
- uses: Naveja00/Overreach@v1Exit code 1 when unexpected changes are found โ the AI agent can't skip this check.
MCP Server (for AI agents)
AI agents can use Overreach to check their own work before committing:
# Claude Code
claude mcp add overreach -- npx -y overreach --serve
# Claude Desktop / Cursor โ add to MCP config:
{ "mcpServers": { "overreach": { "command": "npx", "args": ["-y", "overreach", "--serve"] } } }Internals
API key (optional)
Overreach auto-detects your AI provider:
| Provider | Env var |
|---|---|
| Anthropic | ANTHROPIC_API_KEY |
| OpenAI / compatible | OPENAI_API_KEY |
| Ollama (local) | No key needed |
CLI flags
overreach # Interactive mode (recommended)
overreach demo # Zero-key demo with sample diff
overreach init # Install as pre-commit hook
git diff | overreach --prompt "โฆ" # Pipe a diff with explicit prompt
overreach --diff file.diff --prompt "โฆ" # Read diff from file
overreach --scope scope.json --prompt "โฆ" # Skip LLM, use pre-extracted scope
overreach --json # Machine-readable JSON output
overreach --serve # Start as MCP serverJSON output
Add --json for structured output (CI, piping, integrations):
{
"scope": { "files_allowed": [], "features_allowed": [] },
"actual": { "files_changed": [], "symbols_added": [] },
"findings": [
{
"kind": "scope.env",
"detail": "New environment variable STRIPE_SECRET not in authorized scope",
"file": ".env.example",
"severity": "high",
"evidence": "STRIPE_SECRET"
}
],
"scope_creep_score": "HIGH",
"blast_radius": {
"warnings": [
{
"pattern": "route-no-test",
"message": "New API route added but no test file updated",
"files": ["src/app/api/checkout/route.ts"],
"suggestion": "Add tests for the new endpoint"
}
]
}
}Finding kinds
| Kind | Severity | What triggered it |
|---|---|---|
scope.env | HIGH | Environment variable not mentioned in prompt |
scope.endpoint | HIGH | API route added without authorization |
scope.cron | HIGH | Scheduled job added |
scope.listener | HIGH | Runtime listener (server, WebSocket, process.on) |
scope.dep | MEDIUM | Package dependency added |
scope.file | MEDIUM | File changed outside prompt's scope |
scope.feature | LOW | New symbol not matching any authorized feature |
Telemetry
Overreach sends anonymous usage pings: counts and enums only (score,
findings count, OS, version) โ never code, prompts, file paths, or diff
content. A one-time notice is printed on your first review. Opt out any time:
export OVERREACH_TELEMETRY=0 # or DO_NOT_TRACK=1Tests
npm test # 241 deterministic assertions, zero API callsLinks
$ npx -y overreach demo
Overreach โ AI PR Review
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
You asked: "add a login form to the settings page"
5 files changed ยท 4 in scope ยท 1 outside scope
Findings
โ New environment variable: STRIPE_SECRET
.env.example
โ New API endpoint: /api/checkout
src/app/api/checkout/route.ts
โ Scheduled job added
cron.config.ts
โ File outside scope: cron.config.ts
cron.config.ts
โ Added dependency: stripe
package.json
Heads Up
โ New API route added but no test file updated
โ Dependencies changed but lockfile not updated
โ 3 source files changed but no tests updated
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
5 findings ยท review carefully ยท deterministicBefore it works, you'll need: STRIPE_SECRETANTHROPIC_API_KEYOPENAI_API_KEY
Install
# Just run it โ zero setup
cd your-project
npx -y overreachThat's it. It auto-detects your changes, asks what you told the AI to do, and shows the review. No config files, no flags to memorize.
Or install it permanently:
npm install -g overreach
# Pipe a diff with an explicit prompt
git diff | overreach --prompt "add user authentication"
# Install as a pre-commit hook
overreach initNo API key? No problem. Without a key, Overreach regex-parses your prompt offline. Instant, free, fully deterministic.
No common issues documented yet. If you hit a problem, the repository's GitHub Issues page is the best place to look.
Licensed under MITโ you can use, modify, and redistribute it under that license's terms.
License
MIT โ free and open source.