VeriContext tries to make those docs verifiable.
When a doc references code, it embeds a SHA-256 hash of the exact snippet inside an HTML comment. On verification, either it matches or it fails (fail-closed).
What’s useful in practice is the workflow around it: • You can install it as an agent skill, so the agent runs verification before finishing a task / finalizing a plan / committing, and updates the citations/hashes when it edits docs. • You can also enforce it mechanically via pre-commit hooks or CI, e.g. npx vericontext verify workspace ..., so stale docs simply can’t be merged.
This way docs aren’t “trusted” — they’re constrained to stay aligned with code.
I’d love feedback on trade-offs (strict fail-closed vs. ergonomics), and whether AST-aware verification would be worth it vs. raw snippet hashing.