Execution surfaces
New or changed hook commands, URLs, and MCP server definitions.
HarnessDelta turns a Git diff into a focused review of what Claude Code or Codex can newly read, run, discover, or bypass.
$ harnessdelta . origin/main...HEAD
HarnessDelta 0.1.1: 3 agent configuration files changed
CRITICAL HD231 .codex/config.toml
The Codex sandbox changed to danger-full-access.
HIGH HD221 .claude/settings.json
1 hook or MCP execution endpoint was added or changed.
LOW HD102 packages/api/AGENTS.md
Repository instructions changed; content omitted.
Findings: 1 critical, 1 high, 0 medium, 1 low
A normal diff tells you text changed. HarnessDelta labels the agent-facing consequence and keeps sensitive values redacted.
New or changed hook commands, URLs, and MCP server definitions.
Added grants, removed denies, bypass modes, and less interactive approvals.
Codex changes that expand filesystem or process access.
Added, removed, or changed AGENTS.md, CLAUDE.md, and path rules.
Skills, agents, commands, plugins, and marketplace metadata.
Introduced bidi controls, invisible characters, and likely embedded credentials.
Node.js 18+ and Git are the only requirements.
npx --yes --registry=https://codeberg.org/api/packages/automa-tan/npm/ harnessdelta . --checkharnessdelta . origin/main...HEAD --markdownharnessdelta . --staged --jsonHarnessDelta is static and version-agnostic. It does not claim that a particular harness loaded a file or that a finding is exploitable. Use runtime status commands when that distinction matters.