Great Developer Experience in Safety Tools
Great Developer Experience in Safety Tools
Here's an uncomfortable truth about security tools: the best ones are rarely the most adopted. The most adopted ones are the ones developers actually enjoy using. In the security world, developer experience is a security feature — because tools that developers circumvent provide no security at all.
At Authensor, developer experience is not a secondary concern. It's a first-class design constraint that shapes every decision we make.
Why DX Matters for Safety
Safety tools have a unique adoption challenge. Unlike a code editor or a build tool, a safety tool's value proposition is preventing something bad from happening. The benefit is invisible — you don't see the incidents that didn't occur. The costs, however, are visible: latency, interruptions, false positives, and configuration overhead.
If the visible costs outweigh the invisible benefits in the developer's perception, the developer disables the tool. And a disabled safety tool is worse than no tool at all, because it creates the illusion of protection.
This means safety tools must fight harder for great DX than other categories. Every millisecond of latency, every unnecessary prompt, every confusing error message is a small nudge toward disabling the tool.
Our Design Principles
We follow five DX principles in SafeClaw:
1. Invisible When Correct — When SafeClaw allows an action, the developer should not notice. No toast notifications, no status bar changes, no performance degradation. The agent's action proceeds as if SafeClaw weren't there. Safety is felt only when it's needed. 2. Informative When Blocking — When SafeClaw denies or escalates an action, the developer should understand why immediately. Not "action denied" but "file write denied: path /etc/hosts is outside workspace boundary (policy rule: workspace-enforcement, line 12)." Enough context to either adjust the policy or understand why the agent's action was wrong. 3. Fast Enough to Forget — The classifier must be fast enough that the developer forgets it's there. Our target is under 5 milliseconds for 99% of actions, and we typically achieve under 1 millisecond. If developers start perceiving SafeClaw as "that thing that makes my agent slow," we've failed. 4. Easy to Start, Possible to Master — The setup wizard produces a working configuration in 60 seconds. Default policies cover common cases well. But for advanced users, every aspect of SafeClaw's behavior is configurable. The learning curve is gentle at the start and rewards deeper investment. 5. Standard Interfaces — SafeClaw uses standard formats and protocols everywhere. Configuration is YAML. Logs are JSON Lines. Real-time updates are SSE. Reports are CSV and JSON. The CLI follows Unix conventions. Nothing proprietary, nothing that requires learning a custom DSL or protocol.Concrete DX Decisions
These principles manifest in specific design choices:
Smart defaults over manual configuration — New users get a sensible configuration without reading the docs. The setup wizard asks five questions and produces a configuration that works for most cases. Users customize only when they have specific needs. Error messages are documentation — Every error message includes what happened, why, and what to do about it. Error messages link to the relevant documentation page. We treat error messages as a UI surface that deserves the same care as the dashboard. CLI completion — SafeClaw's CLI supports shell completions for bash, zsh, and fish. Tab completion for command names, flag names, and even policy rule names makes the CLI discoverable without referencing docs. Local-first architecture — No account creation, no API keys, no cloud setup. Install SafeClaw and it works. The DX of cloud-dependent tools includes account creation, API key management, billing setup, and connectivity requirements. We eliminated all of that. Non-breaking updates — SafeClaw follows semantic versioning strictly. Configuration files are forward-compatible. Policy files written for v1.0 will work in v1.x. We never break a working setup with an update.Measuring DX
We track several DX metrics:
- Time from install to first protected session (target: under 2 minutes)
- False positive rate (target: under 1%)
- Median classification latency (target: under 1ms)
- Configuration file length for typical setups (target: under 20 lines)
These metrics appear in our internal dashboards alongside traditional performance and correctness metrics. If DX metrics degrade, we treat it as seriously as a bug.
Full documentation and configuration guides are on our docs site. The source code is on GitHub.
Great developer experience in a safety tool isn't about making safety invisible. It's about making safety effortless. The guard rail you don't have to think about is the one that actually protects you.