Maxwell Collins — Engineer code-rescue.com

I build production software with AI — and the systems that make AI's output trustworthy.

17 years and 100+ applications. I don't hand-write the code — I architect the system, set the rules that make wrong outcomes impossible, and direct AI to fill it in against them. The harness is the real work; the shipped code is the residue.

17 yrs building software 100+ applications first commit at age 12

Open to senior engineering roles — building on a team. · Tampa, FL · ET · remote-ready

§ 01 · how i work

One thesis runs through everything I build.

It shows up whether it’s a budget tracker, a million-line legacy estate, or a habit app. That consistency — not the size of the pile — is the signal that it’s judgment, not luck.

— enforced the same way across 40+ systems

  1. R1

    Declare a fact once.

    Every other surface derives from it — schema, rules, UI, audit. No hand-synced copies that drift apart.

  2. R2

    The AI proposes; a deterministic verifier disposes.

    Nothing a model generates reaches a side effect — a write, a deploy, a sent message — without passing a mechanical check it can't talk its way around.

  3. R3

    Make the mistake impossible.

    Bad actions are blocked structurally, before they can happen — fail-closed gates over careful prompts. And the guard proves it fires, or the build fails.

  4. R4

    Append-only, evidence-first.

    A claim without a resolvable citation doesn't ship. Truth resolves to a real artifact, or it doesn't count.

§ 02 · selected work

How to read the tags: repo is public — click to verify the code yourself. private · by capability is client work, described by what it does, never by whose it is. Designed-but-not-yet-built work is labeled as such; nothing here is inflated.

01Legacy estate · control plane private · by capability

Letting AI safely operate a million-line legacy estate

What
A federated control plane that lets AI agents read and reason over an 8-application, ~1.78M-line polyglot legacy estate (PHP, Laravel, iOS, Android) without ever breaking it.
Hard problem
Turning an un-editable, multi-decade brownfield — the kind that defeats whole teams — into something an AI can work over safely.
Approach
Tiered permissions (some repos read-only, some guarded-edit), a typed hook-event boundary grounded in real payloads, a fail-closed sentinel gate, and a control↔contract meta-test that refuses to ship a guard it can’t prove fires. Nine MCP code-graph servers over the estate.
Result
Agents operate the estate safely, with a complete, tamper-evident audit trail of everything they do.
02Correctness · by construction private · by capability

A SaaS where illegal states cannot compile

What
A property & trust-accounting platform where business law is encoded into the code itself, so a wrong value never reaches production.
Hard problem
Most systems catch bad data with tests and hope. The goal here was to make the bad state structurally impossible.
Approach
44 structural (ast-grep) rules with valid/invalid fixtures — penny-exact integer money, UUIDv7-only, no hard-delete, audit-log-on-insert — inside an 18-step quality gate that tests its own rules (a check that silently breaks turns the build red). A feature can’t be built until its contract survives a 7-agent adversarial review.
Result
The bug is removed by construction, not caught by luck.
03AI pipeline · hallucination firewall private · by capability

A document pipeline that cannot lie into its output

What
A six-stage pipeline that extracts findings from construction-bid PDFs with AI — and treats the model as untrusted.
Hard problem
A language model will confidently invent evidence that was never in the source.
Approach
Every finding survives only if its quoted evidence is a verbatim substring of the source page; on a miss it is permanently deleted to a forensic rejected-log. A hallucination firewall written in code, not hoped for in a prompt — behind a SHA-256 hash-chained audit.
Result
Hallucinations are structurally unable to reach the result, and that property is proven with tests.
04Voice-AI · eval & self-improvement private · by capability

AI that improves AI — without removing a safety rule

What
A multi-tenant platform that scores voice-agent calls, mines failure patterns across organizations, proposes prompt fixes, and gates them.
Hard problem
Letting AI tune AI without ever silently deleting a guardrail or pushing a regression live to real callers.
Approach
A four-layer quality gate — including two independent AI judges that block any change which would remove a safety instruction — plus a memory of fix-types that failed before, and a hard staging boundary: going live requires a human-only confirmation flag (designed after a real incident where an unguarded change took an agent partially offline).
Result
Every AI-proposed fix is held behind deterministic gates the whole way to production.
05Agent governance · plugin goalpost

goalpost — stopping agent goal-drift

What
A Claude Code plugin that stops an agent from drifting off task or claiming "done" before it is.
Hard problem
Reliably telling a real done-claim from narrow-scope completion text — portably, across BSD and GNU grep, with no word-boundary assertions.
Approach
Carve-out-aware completion-vocabulary detection, dual-layer state immutability (file-tool + bash), and a CLI that strips sycophancy-activating language from prompts — grounded in interpretability research.
Result
Fail-closed hooks that block a false "Stop" before it lands.
06Autonomous daemon · sensor-verified habit-daemon

habit-daemon — completion that can’t be gamed

What
An always-on daemon that refuses to take your word that you did something.
Hard problem
A self-report is worthless as evidence; the system has to verify against the real world.
Approach
Completion is checked against real sensor data (Concept2 erg, Garmin sleep, vision on a proof photo). A sensor outage degrades to "no data" — never a free pass. A verifier checks the model’s claimed writes against authorized paths and confirms each file on disk. Hash-chained, append-only audit.
Result
Ships with a real, cited scar: a tight retry loop once spawned ~370k dead sessions — backoff + a circuit breaker are in. I harden after every failure; I don’t claim there are none.
more public work
  • operator-doctrine the published theory the harnesses enforce — a taxonomy of how AI agents fail, and the countermeasures.
  • cc-guide an evidence-grounded Claude Code reference: 25 real agent failures, each tied to a primary source.
  • lazyrecall a Rust TUI for browsing, searching, and resuming Claude Code sessions.
  • research a research-workspace harness with hook-enforced source vetting.
§ 03 · background

Seventeen years, many domains — one engineering instinct.

Software, construction, home inspection, environmental, real estate. The range isn’t drift — it’s the same way of thinking applied wherever I went.

B.A., Economics (financial applications) — Southern Methodist University

  1. 2025 — now

    Independent engineering (as Code-Rescue)

    AI control planes, correctness-enforced systems, and citation-verified pipelines — 40+ projects, public and private.

  2. 2023 — now

    Founder / operator across home inspection & environmental services

    Built and ran the engineering, marketing, and compliance myself. FL Home Inspector (HI-18109).

  3. 2019 — 2023

    Project Manager & Real Estate Analyst

    A $10M+ portfolio of 20+ projects — plus the company website, data work, and field operations. Many hats; one engineering instinct.

  4. 2016 — 2023

    Full-Stack Developer & Product Manager — building-inspection SaaS

    Led end-to-end development of a connected SaaS suite; coordinated a team of 8 (Agile/SCRUM) at a 98% bug-free release rate.

  5. 2011 — 2016

    Self-taught foundations

    First code at 12, reverse-engineering online games. From 15: Java, C++, JS — 10+ game servers, 50+ freelance sites.