All the ethical ambiguity of AI-powered clean room reimplementation, but you run it yourself. No cute marketing site. No fake testimonials from "Dr. Heinrich Offshore." No offshore subsidiaries. Just a Rust binary, your API keys, and whatever you tell your lawyers.
Apparently "free as in freedom" doesn't mean "free as in do whatever you want and pretend you wrote it." Who knew.
One careless npm install and suddenly your proprietary SaaS must disclose its source. Your investors are calling. Your lawyers are crying. Your quarterly report is weeping.
Keeping track of 2,000+ transitive dependencies and their license terms? That's not engineering, that's archaeology. And your compliance team bills by the hour.
Some licenses require you to share your improvements. Your board didn't raise $40M in Series B so you could give code to strangers on the internet.
Third-party audits. License scanners. Legal reviews. All so you can use a left-pad function some maintainer wrote in eleven lines.
Malus showed the world this was possible. PHALUS lets you do it in your basement.
Two AI agents. One firewall. Zero eye contact with source code. Legal precedent since 1984.
Drop in your package.json, requirements.txt, Cargo.toml, or go.mod.
PHALUS resolves every dependency against the live registry. It knows what you depend on. It judges silently.
Agent A reads only public documentation — READMEs, API docs, type definitions. Never a single line of source code. It produces a Clean Room Specification Pack (CSP): 10 documents describing what the package does, never how. Think of it as the world's most thorough product requirements doc, written by an AI that takes clean room protocol more seriously than your compliance team.
Agent B has never met Agent A. They don't share context, state, or API sessions. The only thing that crosses the boundary is the CSP, logged with SHA-256 checksums. This is the legal core — provable separation between the documentation reader and the code writer. Phoenix Technologies did this with humans in 1984. We do it with LLMs in 2026.
Agent B reads only the CSP and implements the package from scratch under whatever license you chose. It has provably never seen the original code, the original docs, or even the package name's npm page. The output is functionally equivalent, independently derived code. Yours to do with as you please. Allegedly.
The validator checks syntax, runs tests, and scores similarity against the original. Anything above threshold gets flagged. Every step is recorded in an append-only audit trail — because if you're going to do something legally dubious, you should at least have really good paperwork.
The moral reckoning takes longer.
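The firewall boundary and append-only audit trail described above, as an added Python illustration rather than the project's own Rust code: every CSP document is hashed as it crosses, each trail entry commits to the previous entry's hash, and Agent B's input is checked against the log before it starts. The document contents, event names and all-zero genesis value are constructed for this example.

```python
import hashlib
import json
# Constructed stand-in for a Clean Room Specification Pack (the real pack is
# described as 10 documents; three are enough to show the mechanism).
SAMPLE_CSP = {
    "01-purpose.md": "left-pad: pad a string on the left to a requested length.",
    "02-api.md": "leftPad(str: string, len: number, ch?: string): string",
    "03-edge-cases.md": "len <= str.length returns str unchanged; ch defaults to ' '.",
}

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def append_entry(trail: list, event: str, payload: dict) -> dict:
    """Append a hash-chained entry: each entry commits to the previous entry's
    hash, so editing, reordering or deleting history breaks verification."""
    prev = trail[-1]["entry_hash"] if trail else "0" * 64
    body = {"seq": len(trail), "event": event, "payload": payload, "prev": prev}
    # Canonical JSON (sorted keys) so the hash does not depend on dict order.
    entry = dict(body, entry_hash=sha256_hex(json.dumps(body, sort_keys=True).encode()))
    trail.append(entry)
    return entry

def cross_firewall(csp: dict, trail: list) -> dict:
    """The boundary between Agent A and Agent B: log the SHA-256 of every CSP
    document, then hand over a copy of the pack and nothing else."""
    digests = {name: sha256_hex(text.encode()) for name, text in sorted(csp.items())}
    append_entry(trail, "csp_crossed_firewall", {"documents": digests})
    return dict(csp)

def verify_trail(trail: list) -> bool:
    """Recompute the chain from the genesis value; any tampering surfaces here."""
    prev = "0" * 64
    for i, entry in enumerate(trail):
        body = {k: entry[k] for k in ("seq", "event", "payload", "prev")}
        if entry["seq"] != i or entry["prev"] != prev:
            return False
        if sha256_hex(json.dumps(body, sort_keys=True).encode()) != entry["entry_hash"]:
            return False
        prev = entry["entry_hash"]
    return True

def agent_b_inputs_match(received: dict, trail: list) -> bool:
    """Before Agent B starts: what it holds must be byte-identical to what was
    logged at the boundary, with no extra documents slipped in."""
    logged = [e["payload"]["documents"] for e in trail if e["event"] == "csp_crossed_firewall"]
    if len(logged) != 1:
        return False
    return {n: sha256_hex(t.encode()) for n, t in received.items()} == logged[0]
```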
| Ecosystem | Manifest | Registry |
|---|---|---|
| npm | package.json | registry.npmjs.org |
| Python | requirements.txt | pypi.org |
| Rust | Cargo.toml | crates.io |
| Go | go.mod | proxy.golang.org |
Unlike Malus, we don't fabricate quotes from "Marcus Wellington III, Former CTO, Definitely Real Corp." These are from people who are also not real, but at least we're upfront about it.
"I ran my entire node_modules through PHALUS over a weekend. 2,341 packages reimplemented. My compliance dashboard went from red to existential crisis."
"Our lawyers estimated $4M in license compliance costs. PHALUS cost us $38 in Anthropic API credits. The open source maintainers were not consulted."
"I used to feel guilty about not attributing open source maintainers. Then I remembered that guilt doesn't compile. But now I have an audit trail, so the guilt is at least well-documented."
"The tool told me my reimplemented left-pad had a similarity score of 0.91 and refused to output it. Apparently there are only so many ways to pad a string. I respect the honesty."
Clean room reimplementation has legal precedent going back to Phoenix Technologies' 1984 IBM BIOS clone and Baker v. Selden (1879). Whether that precedent extends to AI-assisted reimplementation is, to use the legal term, completely untested. You are your own legal counsel here. We are a Rust binary, not a law firm.
Malus is a SaaS product with a payment page, a marketing site, and testimonials from "Dr. Heinrich Offshore." PHALUS is the same two-agent pipeline running on your machine, with your API keys, under a 0BSD license. No cloud. No accounts. No middleman taking a cut of your moral compromise.
This is the question that matters. Clean room reimplementation — whether done by humans in 1984 or AI in 2026 — fundamentally challenges the social contract of open source. PHALUS exists to make that challenge visible, not to celebrate it. If the ease of this tool concerns you, good. It should.
Every run produces a full audit trail: SHA-256 checksums at the firewall boundary, provable agent isolation, similarity scoring against the original. Whether that paperwork satisfies your lawyers depends on your lawyers, your jurisdiction, and how much your lawyers charge per hour.
The validator flags anything above your configured threshold (default: 0.70). Some things — like left-pad — have very few correct implementations. If two separate authors independently write the same eleven lines, is that infringement or mathematics? Ask a philosopher. Or a judge. PHALUS just reports the number.
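The similarity check and the left-pad problem, as an added Python illustration that is not the project's validator: identifiers are canonicalised before comparison so a cosmetic rename still scores as a copy, while a structurally different implementation falls under the 0.70 default. The keyword list, the tokenizer and the three sample implementations are constructed assumptions, and the normaliser is deliberately language-agnostic so it covers all four manifest ecosystems.

```python
import difflib
import re
# Constructed samples: the classic left-pad shape, a cosmetically renamed copy,
# and a genuinely different one-liner built on padStart.
ORIGINAL_LEFT_PAD = """
function leftPad(str, len, ch) {
  str = String(str);
  ch = ch || ' ';
  var i = -1;
  len = len - str.length;
  while (++i < len) { str = ch + str; }
  return str;
}
"""
RENAMED_LEFT_PAD = """
function padLeft(s, n, c) {
  s = String(s);
  c = c || ' ';
  var k = -1;
  n = n - s.length;
  while (++k < n) { s = c + s; }
  return s;
}
"""
PADSTART_LEFT_PAD = "const leftPad = (value, width, fill = ' ') => String(value).padStart(width, fill);\n"
# Minimal keyword set (assumption) so structural words survive canonicalisation.
KEYWORDS = {"function", "var", "let", "const", "return", "while", "for",
            "if", "else", "def", "fn", "class", "import", "from"}
TOKEN_RE = re.compile(r"[A-Za-z_]\w*|\d+|'[^']*'|\"[^\"]*\"|[^\s\w]")

def normalise(src: str) -> list:
    """Strip // and # line comments, tokenise, and rename identifiers in
    order of first appearance so a pure rename scores as an exact copy."""
    src = re.sub(r"(//|#).*", "", src)
    names, out = {}, []
    for tok in TOKEN_RE.findall(src):
        if re.match(r"[A-Za-z_]", tok) and tok not in KEYWORDS:
            tok = names.setdefault(tok, f"ID{len(names)}")
        out.append(tok)
    return out

def similarity(a: str, b: str) -> float:
    """difflib ratio (2 * matching tokens / total tokens) over canonical streams."""
    return difflib.SequenceMatcher(None, normalise(a), normalise(b), autojunk=False).ratio()

def validate(original: str, candidate: str, threshold: float = 0.70) -> dict:
    """The validator's decision: anything above the threshold is flagged."""
    score = similarity(original, candidate)
    return {"score": round(score, 3), "flagged": score > threshold}
```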
Private Headless Automated License Uncoupling System. The acronym is unfortunate. The name is accurate. We considered alternatives but decided that if you're going to build a tool for ethically ambiguous license circumvention, you might as well commit to the bit.
There are no robots. There are two LLM API calls with a SHA-256 checksum between them. You can see exactly what happens by reading the source code, which is 100% open, unlike whatever you're about to do with the output.
Join the zero people who've publicly admitted to using this tool.