Skip to content

Who is it for?

Polychro looks like a different tool depending on where you sit. The same engine is an agent guardrail to one team, a CI gate to another, and a rule authoring platform to a third. This page helps you find the framing that fits you, then points you at the guide to start with.

The one-sentence version: Polychro reads a spec โ€” YAML, JSON, XML, Markdown, or HTML โ€” and tells you what's wrong with it in a single, fast pass: structural mistakes, schema violations, broken conventions, and security anti-patterns. One binary, one config, one diagnostic format.


๐Ÿค– You're building AI agents or tools

Your agent generates specs โ€” capabilities, MCP manifests, configs, docs โ€” and you need a deterministic guardrail that catches mistakes before they reach production, without slowing the loop.

What Polychro can do for you:

  • Validate in the same turn the agent generates. Sub-second, in-process โ€” no 2โ€“5 s subprocess startup โ€” so it fits inside a tight generate-validate-retry loop.
  • Call it over MCP. polychro serve exposes linting as MCP tools, so an agent can lint its own output with a tool call. โ†’ MCP server guide
  • Get LLM-native output. The --format agent mode emits diagnostics shaped for a model to read and act on.
  • Embed it in the JVM. Drop polychro-core on the classpath and lint in-process โ€” no Node.js runtime, no shell-out.
You might beโ€ฆ Start with
An AI agent framework, an MCP tool author, or a JVM app linting in-process MCP server guide ยท Getting started

๐Ÿ›ก You run CI or a platform

You're a platform or DevOps engineer who needs to gate specs in CI and enforce governance across many repos โ€” without bolting together a pile of linters.

What Polychro can do for you:

  • Gate any spec in CI. The GitHub Action lints on every PR and emits SARIF, so findings show up inline in the GitHub UI. โ†’ GitHub Action guide
  • Collapse the toolchain. One binary replaces a Docker meta-linter, a separate rule engine, and several config files โ€” one config, one diagnostic format.
  • Run anywhere. A GraalVM-native binary for Linux, macOS, and Windows with sub-second cold start โ€” no JVM, no Node.js, no Docker dependency.
  • Enforce governance, not just schema. Built-in governance, ai-safety, and security rulesets catch the runtime traps schema validation misses โ€” port conflicts, dangling references, unreachable steps, secret exposure, and prompt-injection surfaces in tool descriptions. โ†’ Rulesets guide
You might beโ€ฆ Start with
A platform/DevOps engineer running CI gates or governance across repos GitHub Action guide ยท Configuration guide

๐Ÿ“ You author specs or rules

You write OpenAPI, AsyncAPI, capabilities, or your own spec format โ€” and you want consistent, custom validation that goes beyond what a schema can express.

What Polychro can do for you:

  • Reuse your Spectral rules. Polychro speaks the Spectral ruleset format natively (given/then), so existing rule investment carries over unchanged.
  • Lint more than OpenAPI. Arbitrary YAML, JSON, XML, Markdown, and HTML are first-class โ€” capabilities, CRDs, instruction files, even HTML emails.
  • Write rules in your language. Custom rule functions in sandboxed JavaScript, Python, or Groovy โ€” or native Java via the RuleFunction SPI for the fastest path.
  • Add whole validators. The ServiceLoader SPI lets you drop in a custom validator with zero framework coupling. โ†’ Validator plugin guide
You might beโ€ฆ Start with
An API team, a ruleset author, or a tool author extending the SPI Rulesets guide ยท Validator plugin guide

Not sure which one you are?

Most teams are more than one of these at once โ€” that's the point. Pick the framing closest to your immediate goal, run its guide, then explore the others. The Features page is the exhaustive reference, and the Tutorial walks through a full generate-validate-fix loop end to end.