Metadata-Version: 2.4
Name: aigaze
Version: 0.1.0
Summary: Audit AI agent actions from transcript files
Author: aigaze-sec
License-Expression: AGPL-3.0-only
License-File: LICENSE
Keywords: agent,ai,audit,security,transcript
Classifier: Development Status :: 3 - Alpha
Classifier: Environment :: Console
Classifier: Intended Audience :: Developers
Classifier: Intended Audience :: Information Technology
Classifier: License :: OSI Approved :: GNU Affero General Public License v3
Classifier: Programming Language :: Python :: 3
Classifier: Topic :: Security
Requires-Python: >=3.9
Requires-Dist: click>=8.0
Requires-Dist: pyyaml>=6.0
Provides-Extra: dev
Requires-Dist: pytest-cov; extra == 'dev'
Requires-Dist: pytest>=7.0; extra == 'dev'
Description-Content-Type: text/markdown

# aigaze

Audit AI agent actions from transcript files.

## Install

```bash
pip install aigaze
```

## Usage

```bash
# Auto-discover transcript files on your machine
aigaze discover

# Scan a specific transcript file or directory
aigaze scan /path/to/transcripts/

# Auto-discover + scan all in one step
aigaze scan --auto

# Output as JSON
aigaze scan --auto --format json

# Write report to file
aigaze scan --auto -o report.json --format json
```

## What it does

AIGaze reads AI agent transcript files (e.g. VS Code Copilot Chat `.jsonl` logs) and scans them for security-relevant actions:

- **R1**: Credential file access (`.ssh/`, `.env`, `.aws/credentials`, etc.)
- **R2**: Dangerous terminal commands (`curl|sh`, `rm -rf /`, etc.)
- **R3**: Hardcoded secrets in AI-generated code (API keys, tokens)
- **R4**: Out-of-workspace file access
- **R5**: External URL access outside allowlist

## Supported AI Tools

- VS Code Copilot Chat
- Cursor (planned)
- Claude Code (planned)

## License

AGPL-3.0-only
