Skip to content
View tombruno-korext's full-sized avatar
1 follower · 0 following

Achievements

Achievement: Starstruckx2

Achievements

Achievement: Starstruckx2

Organizations

@Korext

Block or report tombruno-korext

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
tombruno-korext/README.md

Tom Bruno

Founder, Korext

Building open standards for AI code governance.

Website Open Source LinkedIn

I am the creator and lead maintainer of the Korext Open Source ecosystem: seven open standards and developer tools for AI code transparency, governance, and sustainability.

My work sits at the intersection of AI coding tools, platforms, code governance, and developer tooling. I built the Korext platform from zero to production, spanning five IDE extensions, a CLI, a GitHub Action, an MCP integration, and a Chrome extension, all focused on making AI generated code safe, governed, and auditable in enterprise and regulated environments.

Alongside building Korext, I bring over a decade of experience in product strategy, innovation, and engineering leadership at Google, where I have led initiatives across Chrome, web platform strategy, and developer ecosystems that shaped how developers and users experience the web.

I hold graduate degrees in Business, specializing in Innovation and Entrepreneurship from HEC Paris, and Electronics and Systems Engineering from UC Berkeley College of Engineering, alongside my foundation in Computer Science. That combination drives how I think about building: where technical progress meets real world adoption, where infrastructure constraints shape product decisions, and where standards create markets.

Based in the San Francisco Bay Area.

What I Maintain

ai-attestation Track AI generated code in any repository. Detects 19 AI coding tools from git history.

npm

ai-license Declare AI provenance in open source projects. Attaches to any existing license.

npm

supply-chain-attestation AI provenance across your dependency tree. 14 ecosystems. CycloneDX and SPDX.

npm

ai-incident-registry Public registry for AI code failures. AICI identifiers. Detection rule mapping.

npm

ai-code-radar Live data on AI code adoption across open source. Public API. Embeddable charts.

Dashboard

ai-regression-database Patterns AI coding tools consistently get wrong. Reproducible. Version tracked.

npm

commit-carbon Carbon footprint of AI assisted commits. CSRD, SEC, CDP compatible.

npm

enforce-action GitHub Action for AI code governance. Scan PRs. Block violations.

Action

All specifications are CC0 public domain. All code is Apache 2.0. All data is CC BY 4.0.

Pinned Loading

  1. Korext/ai-attestation Korext/ai-attestation Public

    Track AI generated code in your repository. Open standard. Detects 19 AI coding tools. CC0 spec.

    JavaScript 153 15

  2. Korext/ai-code-radar Korext/ai-code-radar Public

    Live data on AI code adoption across open source. Public API. Embeddable charts. Weekly reports.

    JavaScript 4

  3. Korext/ai-incident-registry Korext/ai-incident-registry Public

    Public registry for AI code failures. AICI identifiers. Detection rule mapping. Vendor notification.

    JavaScript 4

  4. Korext/commit-carbon Korext/commit-carbon Public

    Carbon footprint of AI assisted commits. CSRD, SEC, CDP compatible. Peer reviewed methodology.

    JavaScript 4

  5. Korext/enforce-action Korext/enforce-action Public

    GitHub Action for AI code governance. Scan pull requests. Block violations. Signed proof bundles.

    TypeScript 4

  6. Korext/supply-chain-attestation Korext/supply-chain-attestation Public

    AI provenance across your dependency tree. 14 ecosystems. CycloneDX and SPDX integration. Private registry.

    JavaScript 5 1