Metadata-Version: 2.4
Name: insa-its
Version: 4.8.7
Summary: Open-core multi-LLM communication monitoring, hallucination detection & deciphering for agent systems
Home-page: https://github.com/Nomadu27/InsAIts-public
Author: YuyAI / InsAIts Team
Author-email: info@yuyai.pro
Project-URL: Homepage, https://nomadu27.github.io/InsAIts-public/
Project-URL: Documentation, https://github.com/Nomadu27/InsAIts-public#readme
Project-URL: Changelog, https://github.com/Nomadu27/InsAIts-public/releases
Project-URL: Bug Tracker, https://github.com/Nomadu27/InsAIts-public/issues
Project-URL: Source, https://github.com/Nomadu27/InsAIts-public
Classifier: Development Status :: 5 - Production/Stable
Classifier: Intended Audience :: Developers
Classifier: License :: OSI Approved :: Apache Software License
Classifier: Programming Language :: Python :: 3.8
Classifier: Programming Language :: Python :: 3.9
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Classifier: Programming Language :: Python :: 3.13
Requires-Python: >=3.8
Description-Content-Type: text/markdown
License-File: LICENSE
License-File: LICENSE.premium
Requires-Dist: numpy>=1.20.0
Requires-Dist: requests>=2.26.0
Requires-Dist: websocket-client>=1.0.0
Provides-Extra: local
Requires-Dist: sentence-transformers>=2.2.0; extra == "local"
Provides-Extra: graph
Requires-Dist: networkx>=2.6.0; extra == "graph"
Provides-Extra: dashboard
Requires-Dist: textual>=0.40.0; extra == "dashboard"
Provides-Extra: full
Requires-Dist: sentence-transformers>=2.2.0; extra == "full"
Requires-Dist: networkx>=2.6.0; extra == "full"
Requires-Dist: textual>=0.40.0; extra == "full"
Dynamic: author
Dynamic: author-email
Dynamic: classifier
Dynamic: description
Dynamic: description-content-type
Dynamic: home-page
Dynamic: license-file
Dynamic: project-url
Dynamic: provides-extra
Dynamic: requires-dist
Dynamic: requires-python
Dynamic: summary

<!-- mcp-name: io.github.Nomadu27/insaits -->
# InsAIts — Runtime Security for Multi-Agent AI

**See what your agents say to each other. Stop the bad stuff before it ships.**

[![PyPI version](https://img.shields.io/pypi/v/insa-its.svg?color=cyan)](https://pypi.org/project/insa-its/)
[![PyPI downloads](https://img.shields.io/pypi/dm/insa-its.svg?color=cyan)](https://pypi.org/project/insa-its/)
[![Python 3.8+](https://img.shields.io/badge/python-3.8+-blue.svg)](https://www.python.org/downloads/)
[![License: Apache 2.0](https://img.shields.io/badge/License-Apache_2.0-blue.svg)](https://opensource.org/licenses/Apache-2.0)
[![Tests](https://img.shields.io/badge/tests-1900%2B%20passing-brightgreen.svg)]()
[![100% Local](https://img.shields.io/badge/processing-100%25%20local-green.svg)]()
[![OWASP MCP + Agentic AI](https://img.shields.io/badge/OWASP-MCP%20%2B%20Agentic%20AI-red.svg)]()
[![14-day trial](https://img.shields.io/badge/trial-14%20days%20full-yellow)]()

> **10,000+ installs** from PyPI. Integrated into the **AgentShield** runtime — a community fork of Anthropic's Claude Code ecosystem with 35k+ stars.

<p align="center">
  <img src="docs/assets/dashboard-v4.4.3-security-hero.png" alt="InsAIts live dashboard" width="820">
  <br>
  <em>Live threat dashboard — session score, anomaly feed, agent intelligence, OWASP alignment.
  <a href="https://nomadu27.github.io/InsAIts-public/">Visit the website →</a></em>
</p>

<p align="center">
  <a href="https://youtu.be/nRNsZcvha8s">Latest demo</a> •
  <a href="https://youtu.be/GyUC50-6jMw">Dashboard walkthrough</a> •
  <a href="https://youtu.be/kOFr2mdMGWI">Prototype</a>
</p>

---

## The problem

AI-to-AI communication is a blind spot.
Microsoft, CrowdStrike and Cisco can see that an agent exists — they cannot see
inside a spawn chain. When an agent spawns a subagent that spawns another
subagent, the behavior of those deeper agents is invisible to every enterprise
monitoring tool on the market today.

Meanwhile, agent-to-agent interactions fail silently. Hallucinations propagate
as "facts." Agents invent citations. Sensitive data leaks into tool chains.
Meaning drifts across messages. Tool descriptions change between discovery and
invocation. **The agents nobody watches are the agents that cause the most
damage.**

InsAIts makes this visible and acts on it.

---

## What it does

A runtime security layer that plugs into your agent stack. It observes every
message and every tool call, detects a wide class of multi-agent failures and
attacks, and can actively intervene — blocking, quarantining, rerouting, or
escalating to a human operator.

- **Full spawn-tree visibility** — every agent, every subagent, every tool
  call. Attribution down to the exact caller. No blind spots.
- **Broad runtime coverage** — aligned with the OWASP MCP Top 10 and Agentic
  AI Top 10. Catches credential exposure, prompt injection, tool manipulation,
  data exfiltration, rogue behaviour, hallucination chains, covert channels,
  and more.
- **Active protection, not just alerting** — critical anomalies can be
  quarantined, rerouted, or escalated to a human. Configurable per severity.
- **100% local by default** — your agent traffic never leaves the box. No
  cloud round-trips. Audit logs store hashes, not raw content. GDPR-ready.
- **Tamper-evident audit trail** — hash-chained so any modification is
  detectable. Export-ready for compliance review.
- **Live dashboard** — real-time threat score, agent intelligence, anomaly
  stream, circuit-breaker grid, OWASP coverage.
- **Drop-in integrations** — LangChain, CrewAI, LangGraph, AutoGen/ag2, and
  direct Claude Code / Cursor / Windsurf / Codex / Aider hook support.

---

## Install

```bash
pip install insa-its[full]
```

### Quick start

```bash
# Terminal 1 — event hub
insaits-collector

# Terminal 2 — live dashboard
insaits-dashboard

# Open http://localhost:5001
```

Three lines to integrate in Python:

```python
from insa_its import insAItsMonitor

monitor = insAItsMonitor()
result = monitor.send_message(
    text=agent_response,
    sender_id="OrderBot",
    receiver_id="InventoryBot",
    llm_id="gpt-4o",
)
# Act on the result — see the user guide for the full API.
```

That's the whole public surface you need to start. The rest of the behaviour
is configured through the dashboard or `.insaits_config.json` — no code
changes required.

### Claude Code integration

One hook entry in `.claude/settings.json` gives you pre-execution gating,
full tool-call audit, spawn-tree attribution, and session continuity across
compaction. See the user guide for the exact snippet.

> **Session-length multiplier.** InsAIts captures a lightweight session vault
> after each tool call. After context compaction, the next session resumes
> from a sub-kilobyte brief instead of re-reading thousands of tokens of
> history. Users report Claude Code Opus sessions going from ~40 min to
> 3h+ on the same Pro plan.

Minimal install (no local embeddings):

```bash
pip install insa-its
```

---

## Pricing

All detection features are available under **open-core** (Apache 2.0). You pay
for productivity, longer sessions, premium detectors, and team features.

| Tier | Monthly | Lifetime | What you get |
|------|--------:|---------:|--------------|
| **Trial** | free | 14 days | Full feature access. No card required. |
| **Starter** | **€10** | **€99** | Full detection + reliability gates + session vault + dashboard. |
| **Pro** | **€49** | **€299** | Starter + advanced context engineering, inter-session dialog, forensic export, Decipher engine, priority support. |
| **Enterprise** | from €200 | custom | SOC2-ready audit export, multi-seat, white-label dashboard, dedicated support. |

### Activate

Pick a link. Your license key arrives by email after checkout.

- [**Starter — €10/month**](https://buy.stripe.com/eVq7sLdsbgItgTqaaIb3q0a)
- [**Pro — €49/month**](https://buy.stripe.com/bJefZhewffEpeLieqYb3q01)
- [**Starter Lifetime — €99**](https://buy.stripe.com/eVq4gzfAjcsd6eMfv2b3q09)
- [**Pro Lifetime — €299**](https://buy.stripe.com/3cI8wPfAjak5bz61Ecb3q04)

Install:

```bash
export INSAITS_LICENSE_KEY="insaits_live_..."
insaits-collector
```

Enterprise and custom: `info@yuyai.pro`.

### Passive mode

When the trial lapses and no key is set, detection still runs and anomalies
still surface on the dashboard. What unlocks with a paid key is active
intervention — the corrective signals the layer sends back to your agents.
You always see everything InsAIts catches.

---

## Coverage

InsAIts covers both the **OWASP MCP Top 10** and the **OWASP Agentic AI
Top 10**. Threat types are grouped into:

- **Security** — credential leakage, prompt injection, tool poisoning,
  data exfiltration, unauthorised access, covert channels, shadow servers.
- **Hallucination & grounding** — cross-agent contradictions, phantom
  citations, ungrounded claims, confidence decay.
- **Semantic & communication** — meaning drift, emergent shorthand,
  context loss, inter-agent jargon.
- **Behavioural** — rogue deviation from baseline, probing patterns,
  rapid tool-call anomalies, loop detection.
- **Reliability** — premature completion claims, unverified assertions,
  file-reference hallucinations, escalation on repeated failures.

Detection is implemented across many adapters and detectors — the exact set
is under open-core and can be toggled per deployment. The premium tier adds
semantic divergence scoring, advanced rogue-subagent tracking, and the
compliance export engine.

---

## Live dashboard

The web dashboard renders in real time on `http://localhost:5001`:

- Session threat score with stage label (safe → watch → alert → isolate)
- Live anomaly stream with severity colour coding
- Per-agent intelligence and trust scores
- Circuit-breaker grid for blocked agents
- OWASP alignment panel
- Tool-call inspector with full spawn-tree drill-down
- Token-usage panel with cost estimates

A companion terminal dashboard is available for VS Code split-panes:

```bash
pip install insa-its[dashboard]
insaits-tui
```

---

## Audit & compliance

- Hash-chained audit log — SHA-256 per entry, verifiable integrity.
- Prometheus metrics endpoint for existing monitoring stacks.
- Forensic export of rogue agent behaviour — timeline, intent, threat score.
- SOC2-ready evidence chain (Pro / Enterprise).
- 100% local processing. Audit logs store hashes, never raw content. API
  keys are hashed before storage. GDPR-aligned by default.

---

## Integrations

LangChain • CrewAI • LangGraph • AutoGen / ag2 • Claude Code • Cursor •
Windsurf • Codex CLI • Aider • Continue.dev • Kiro •
Slack notifier • Notion export • Airtable export • Prometheus metrics.

Wire-up for each integration is documented in the user guide. A typical
integration is a one-liner wrap on your chain / crew / graph object.

---

## Architecture (high-level)

```
Your multi-agent system
        │
        ▼
┌─────────────────────────┐
│   InsAIts runtime layer │    ← detection, intervention, circuit-breakers
└─────────────────────────┘
        │
        ├── local event hub (port 5003)
        ├── live dashboard  (port 5001)
        └── tamper-evident audit log (local disk)
```

Everything runs on your machine. No message content leaves the box.

---

## Use cases

| Industry | What InsAIts catches |
|----------|----------------------|
| **E-commerce** | Order bots losing context mid-transaction |
| **Customer service** | Agents developing incomprehensible shorthand |
| **Finance** | Analysis pipelines hallucinating metrics between agents |
| **Healthcare** | Multi-agent decisions where errors have consequences |
| **Research** | Fabricated citations, phantom papers |
| **Legal** | AI-generated documents with ungrounded references |
| **Security** | Red-team AI exercises, exfiltration attempts, compliance |
| **DevOps** | Claude Code / Copilot tool calls in CI/CD pipelines |

---

## What's new

Each release focuses on a specific reliability or cost axis. The most recent
work targeted token efficiency under long multi-agent runs — corrective
signals are now more surgical, which reduces Claude-context overhead during
continuous monitoring without sacrificing coverage. Full notes on the
[GitHub releases page](https://github.com/Nomadu27/InsAIts-public/releases).

---

## Documentation & support

- User guide + installation: [installation_guide.md](installation_guide.md)
- Live API reference: [insaits-api.onrender.com/docs](https://insaits-api.onrender.com/docs)
- Privacy policy: [PRIVACY_POLICY.md](../PRIVACY_POLICY.md)
- Terms of service: [TERMS_OF_SERVICE.md](TERMS_OF_SERVICE.md)
- Email: **info@yuyai.pro**
- Issues: [GitHub Issues](https://github.com/Nomadu27/InsAIts/issues)
- API status: [insaits-api.onrender.com](https://insaits-api.onrender.com)

---

## License

**Open-core model.**

- Core SDK (Apache License 2.0) — free to use, modify and distribute.
- Premium features (shipped with `pip install insa-its`) — proprietary, gated
  by license key.

---

<p align="center">
<strong>InsAIts — Making multi-agent AI trustworthy, auditable and secure.</strong><br>
<em>OWASP MCP + Agentic AI Top 10 coverage • Full spawn-tree visibility • Tamper-evident audit • 100% local • 1900+ tests passing.</em><br><br>
<strong>Starter from €10/month · Pro from €49/month · Enterprise custom</strong><br>
<strong>Contact: info@yuyai.pro</strong>
</p>
