Every claim below is backed by a real file path in the AUREM repo. This is not a marketing page — it's a technical inventory of the moats we've built while Cursor, Devin, Copilot, Windsurf and Aider were doing something else.
Loop cannot commit until Vanguard + Bug Hunt + Docker CIS + HTTP headers pass on the files ORA just wrote. On failure — auto-heal up to 3 times, then pause-for-user.
services/loop_full_scan.pyThree council members generate in parallel at temps 0.1 / 0.2 / 0.3. CEO (different model) picks best. Circuit breaker + trace_id + Semaphore(6).
core/parliament.pyAnthropic's defending-code-reference-harness pattern. Separate model with different prompt re-reviews every patch for 25 vulnerability patterns before commit.
services/vanguard_verify_agent.pyIf ORA mentions a file path or version WITHOUT a read_repo_file tool call in the same turn — response is auto-blocked, files fetched, LLM re-run with real data.
services/citation_guard.pyUses (user_message, final_output) pairs as retrieval-augmented few-shots RIGHT NOW instead of waiting 1,000 samples for fine-tuning. Faster, free, always-fresh.
services/ora_council_retriever.pyPure regex + AST. Security + perf + code quality + deps + database — all 5 for the price of one GitHub tree walk. LLM pays only when you click Fix.
routers/codebase_health.pyAdapted ProjectDiscovery's Nuclei HTTP templates into static source detectors. Catches at commit-time instead of runtime.
services/bug_hunt_rules.pyRejects transition:all, emoji icons in source, !important abuse, hardcoded colors without CSS vars, console.log, missing React key= props.
services/design_linter.pyCyclomatic complexity > 10 flag, god files, circular import SCC detection, module boundary violations (routers importing routers). Pure AST, no LLM.
services/architecture_health.pyThe moment ORA finishes a task, scans only changed files for secrets + broken imports. Max 3 findings. Zero LLM cost.
services/post_task_scanner.pyhtml2canvas captures your current screen → Gemini 2.5 Flash vision → advisor literally sees what you see. No screenshot upload UX; automatic.
services/advisor_vision.pyLLM generates Mermaid.js flowchart with layer subgraphs from your actual import graph (not directory tree). Cached by tree_sha, instant on repeat.
services/mermaid_diagram.pyFrontend snippet pipes console errors, network 4xx/5xx and stack traces into ORA with exact file+line mapping. Known errors take regex fast-path, zero LLM.
services/mode_d_debugger.pyCheapest-first strategy pyramid: 3× exponential retry → PAT re-decrypt → OAuth refresh → surface. Transient failures never touch the user.
services/repo_heal.py/scan hits GitHub rate limit → persistent countdown toast → auto-retries at 0 with 3-cycle cap + Cancel button. No dead-end error screens.
frontend/src/components/Toast.jsxStatic catalog for ~20 common failures returns plain Hinglish + concrete step list. LLM fallback (Claude Haiku, 200 tokens) for unknowns.
services/error_translator.pyOne EMERGENT_LLM_KEY routes to any model. No juggling three separate API keys. Auto top-up baked in.
services/llm.pyA casual · B council · C code write · D debug flow · E full-repo audit · F market engage. Confidence < 0.55 asks the user to disambiguate.
services/mode_classifier.pyowner/repo@tree_sha keyed in Redis. Same repo scanned by two users? Second one skips all 50-600 GitHub API calls. Compounds as user base grows.
services/scan_cache.pyCommits attribute to real dev (from GitHub OAuth), Conventional Commits format, Co-authored-by: ORA trailer. Locked with 39 pytests.
services/git_identity.py10 free tasks. No credit card. Connect your repo, describe what you want, watch ORA ship — with all 20 of the above running in the background.