Agent Operator Layer
ECC
An open-source operator layer that sits on top of coding agents — 249 skills, 63 agents, hooks, memory persistence, and AgentShield security that teach Claude Code, Codex, Cursor, and OpenCode your patterns. The 206K-star flagship of a new product category: the harness above the harness.
ECC is the clearest example yet of a product category that didn't exist a year ago: the operator layer that sits on top of a coding agent. It isn't a model, and it isn't a harness like Claude Code or Cursor — it's the reusable system of skills, agents, hooks, memory, and security rules that you install into those harnesses so they actually behave like your team. In under five months it collected over 206,000 GitHub stars, which tells you the market was waiting for exactly this.
What is the “operator layer,” and why does it exist now?
For two years the conversation was about the model. Then it became clear the model is rarely the bottleneck — the scaffolding around the model is. The same Claude or GPT inside two different setups produces wildly different work depending on what context it has, what it remembers between sessions, which tools it reaches for, and what guardrails stop it from doing something dumb.
That scaffolding is the harness (Claude Code, Codex, Cursor, OpenCode). ECC adds a layer above even that: a portable bundle of operating procedures the harness loads at startup. Think of it as the difference between hiring a brilliant contractor and hiring one who already knows your codebase, your conventions, your deploy process, and your security policy. ECC is how you ship that institutional knowledge into the agent — once — and have it apply across every harness you use.
What is ECC, concretely?
ECC (the “agent harness performance optimization system”) is an open-source, MIT-licensed repository built by solo maintainer Affaan Mustafa, started in January 2026. It organizes its intelligence into five layers, and the counts are not small:
- 249 skills — reusable workflows: TDD, planning, security review, frontend/backend patterns, DevOps, content, and domain packs you invoke like commands.
- 63 agents — specialized subagents for code review, security auditing, build troubleshooting, and per-language development.
- 34 rules — always-follow guidelines, split into language-agnostic principles plus per-language packs (TypeScript, Python, Go, Swift, PHP, and more).
- 79 commands — legacy slash-command shims kept for compatibility while the system migrates to a skills-first model.
- 15+ hook event types — automations that fire on tool use, file edits, and session lifecycle events. This is the machinery behind its memory persistence.
Crucially, it's cross-harness: one codebase ships to Claude Code, Codex, Cursor, OpenCode, Gemini, Zed, and GitHub Copilot through adapter layers, so you write your operating procedures once instead of re-doing them per tool.
The model is the engine. The harness is the car. ECC is the driver who already knows the route.
What does it actually do for an agent?
Three capabilities make ECC more than a folder of config files, and each maps onto a real pain point of working with coding agents day to day:
Memory persistence
Continuous learning (“instincts”)
AgentShield security
Token optimization
How does the business work?
ECC is structured in three tiers. The OSS core stays MIT-licensed and free forever. On top sits a GitHub App that analyzes a repo's git history and proposes repo-native guidance as pull requests — a review-first approach, so nothing lands without a human approving the PR. Beyond that is an emerging Rust control plane, ECC 2.0, currently in alpha. Pricing:
- Free — $0, public repos, OSS access, basic PR generation.
- Pro — $19 per active seat / month, private repos and deeper AgentShield checks.
- Enterprise — contact sales; SSO, policy packs, custom rules, rollout support.
That funding model — GitHub Sponsors plus Pro subscriptions — is what lets a single maintainer ship weekly across seven harnesses. It's also the source of one of the risks below.
Where it shines, where it frustrates
Shines
- Genuinely cross-harness — write your operating layer once, run it everywhere
- Enormous, real surface area (249 skills, 63 agents) you don't have to build yourself
- Security is a first-class citizen via AgentShield, not an afterthought
- Memory + continuous learning make the agent compound over time
- MIT-licensed core; you can read, fork, and self-host every line
Frustrates
- The plugin doesn't auto-distribute rules — you manually copy language packs to avoid context bloat
- Sheer size means a learning curve; the real docs live in external long-form guides, not the repo
- Self-reported numbers are inconsistent across surfaces (the README badge still says “182K stars” while the live count is ~206K; agent/skill counts differ between the site and repo metadata)
- Single-maintainer project — impressive cadence, but a real bus-factor and support risk for teams betting on it
- The automation and private-repo value sits behind Pro; the free tier is OSS-only
Is it worth installing?
If you already live inside a coding agent — and if you've adopted a hackable agent like Pi or run one inside an agentic terminal like Warp, you have — then ECC is the layer that turns “a capable agent” into “a capable agent that works the way you do.” The OSS core is free and the install is reversible, so the cost of trying it is mostly the time to learn its surface. Start with a couple of language rule packs and a handful of skills rather than the full firehose; the manual, selective install is a feature, not a bug.
Where it gets harder to recommend blindly is the enterprise bet. Standardizing a whole team on a fast-moving, single-maintainer system is a real dependency, and the security tooling — arguably the most valuable part — is where the paid tiers earn their keep. That's a fair trade, but it's a decision to make with eyes open.