Module B · ARIADA mosaic platform

The CI/CD a11y gate that knows what's new.

Block pull requests that introduce new web-accessibility, privacy, or security violations — while tolerating pre-existing technical debt. The gate every team thought they already had.

Free for OSS public repos. Team tier $99/mo (org). EAA 2025 audit-ready signed evidence per build.

Install GitHub Action How it works

Who Clamper is for

DevOps & Platform Engineers

One YAML policy at the org root cascades to repo + branch + environment. Stop maintaining bespoke pipeline glue per repo.
VP Engineering

Hierarchical policy that child teams can only tighten, never relax. Gradient enforcement rolls out without a dev revolt.
Compliance Officers

Hash-chained signed audit record per build. Schema cross-walks to EN 301 549 §10/§11. EAA-ready evidence.

Where Clamper sits in the stack

Clamper is the gate, not the scanner. It consumes findings from the upstream Ariada scanner pipeline and applies a configurable policy to every PR or deploy. The purple thread connects all eight layers; clamper highlights Layer 5.

Governance & dashboards ariada.ai
Visualization & comms draculascan
CI/CD compliance gate clamper.ai
Remediation reverter.ai
Authorship attribution blamer.ai
Cross-domain mapping shared core
Single-pass DOM iteration ariada engine
Platform AX tree + axe-core shared core

Clamper operates at Layer 5 (the gate). Findings flow up from Layers 0–3; gate decisions flow out to Layer 7 (governance) and audit storage.

"Did this PR introduce a new violation?" — the question existing CI tools cannot answer.

What makes Clamper different

Existing CI accessibility tools (Pa11y CI, Lighthouse CI, cypress-audit, Equa11y) treat all violations identically. A repo with 200 pre-existing colour-contrast violations and one new missing-alt-text gets the same red build as one with 201 pre-existing. Teams disable the gate within days. Clamper fingerprints every finding and classifies it as new, pre-existing, or resolved against a per-branch baseline — so you only block on the delta.

Comparison against the four open-source CI gates with measurable adoption (GitHub stars). Sources cited on /why.
Capability	Pa11y CI	Lighthouse CI	Equa11y	cypress-audit	Clamper
Baseline delta classification	No	No	No	No	Yes
Hierarchical policy (org / team / repo)	No	No	No	No	Yes
Exemption ledger with expiry	No	No	No	No	Yes
Hash-chained signed audit record	No	No	No	No	Yes
Multi-domain (a11y + privacy + security)	a11y only	a11y + perf	a11y only	a11y + perf	Yes (Team tier)

Three ways to install

1. GitHub Action

Two-minute YAML snippet in .github/workflows/clamper.yml. PR-level gate; inline review comments per finding.

See setup
2. Vercel Marketplace App

One-click install. Every preview deploy is gated via the Vercel Checks API. Promotion to production blocks on regression.

See setup
3. CLI Tool

npx @clamper/cli scan — local pre-commit checks and CI/CD quality gates outside GitHub or Vercel.

See setup

The CI/CD a11y gate that knows what's new.

Who Clamper is for

DevOps & Platform Engineers

VP Engineering

Compliance Officers

Where Clamper sits in the stack

What makes Clamper different

Three ways to install

1. GitHub Action

2. Vercel Marketplace App

3. CLI Tool