Metadata-Version: 2.4
Name: insa-its
Version: 4.9.1
Summary: Open-core multi-LLM communication monitoring, hallucination detection & deciphering for agent systems
Home-page: https://github.com/Nomadu27/InsAIts-public
Author: YuyAI / InsAIts Team
Author-email: info@yuyai.pro
Project-URL: Homepage, https://nomadu27.github.io/InsAIts-public/
Project-URL: Documentation, https://github.com/Nomadu27/InsAIts-public#readme
Project-URL: Changelog, https://github.com/Nomadu27/InsAIts-public/releases
Project-URL: Bug Tracker, https://github.com/Nomadu27/InsAIts-public/issues
Project-URL: Source, https://github.com/Nomadu27/InsAIts-public
Classifier: Development Status :: 5 - Production/Stable
Classifier: Intended Audience :: Developers
Classifier: License :: OSI Approved :: Apache Software License
Classifier: Programming Language :: Python :: 3.8
Classifier: Programming Language :: Python :: 3.9
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Classifier: Programming Language :: Python :: 3.13
Requires-Python: >=3.8
Description-Content-Type: text/markdown
License-File: LICENSE
License-File: LICENSE.premium
Requires-Dist: numpy>=1.20.0
Requires-Dist: requests>=2.26.0
Requires-Dist: websocket-client>=1.0.0
Provides-Extra: local
Requires-Dist: sentence-transformers>=2.2.0; extra == "local"
Provides-Extra: graph
Requires-Dist: networkx>=2.6.0; extra == "graph"
Provides-Extra: dashboard
Requires-Dist: textual>=0.40.0; extra == "dashboard"
Provides-Extra: full
Requires-Dist: sentence-transformers>=2.2.0; extra == "full"
Requires-Dist: networkx>=2.6.0; extra == "full"
Requires-Dist: textual>=0.40.0; extra == "full"
Dynamic: author
Dynamic: author-email
Dynamic: classifier
Dynamic: description
Dynamic: description-content-type
Dynamic: home-page
Dynamic: license-file
Dynamic: project-url
Dynamic: provides-extra
Dynamic: requires-dist
Dynamic: requires-python
Dynamic: summary

<!-- mcp-name: io.github.Nomadu27/insaits -->
# InsAIts — Runtime Security for Multi-Agent AI

**See what your agents actually do. Stop the bad stuff before it ships. Open-core. 100% local.**

[![PyPI version](https://img.shields.io/pypi/v/insa-its.svg?color=cyan)](https://pypi.org/project/insa-its/)
[![PyPI downloads](https://img.shields.io/pypi/dm/insa-its.svg?color=cyan)](https://pypi.org/project/insa-its/)
[![Python 3.9+](https://img.shields.io/badge/python-3.9+-blue.svg)](https://www.python.org/downloads/)
[![SDK License: Apache 2.0](https://img.shields.io/badge/SDK_License-Apache_2.0-blue.svg)](https://opensource.org/licenses/Apache-2.0)
[![Tests](https://img.shields.io/badge/tests-2%2C500%2B%20passing-brightgreen.svg)]()
[![100% Local](https://img.shields.io/badge/processing-100%25%20local-green.svg)]()
[![OWASP MCP+Agentic](https://img.shields.io/badge/OWASP-MCP%2010%2F10%20%2B%20Agentic%208%2F10-red.svg)]()
[![14-day trial](https://img.shields.io/badge/trial-14%20days%20full-yellow)]()

> **Open-core, not open-source.** This SDK + the MCP server are **Apache-2.0**. The live dashboard, tamper-evident evidence chain, and 9 additional detectors ship under a separate **paid tier** (14-day full trial). If you `pip install insa-its` and expect the dashboard, you'll be disappointed: that's the licensed download. The numbers in the badges are honest, and so is the licensing label.

<p align="center">
  <a href="https://youtu.be/nRNsZcvha8s">Latest demo</a> •
  <a href="https://youtu.be/GyUC50-6jMw">Dashboard walkthrough</a> •
  <a href="https://nomadu27.github.io/InsAIts-public/">Website</a>
</p>

---

## The problem

AI-to-AI communication is a blind spot. Microsoft, CrowdStrike and Cisco can see
that an agent exists; they cannot see inside a spawn chain. When an agent spawns
a subagent that spawns another subagent, the behaviour at every depth is invisible
to every enterprise monitoring tool on the market.

Meanwhile, agent-to-agent interactions fail silently. Hallucinations propagate
as "facts." Agents invent citations. Sensitive data leaks into tool chains.
Meaning drifts across messages. Tool descriptions change between discovery and
invocation. **The agents nobody watches are the agents that cause the most
damage.**

InsAIts makes this visible and acts on it.

---

## What it does

A runtime security layer that plugs into your agent stack. It observes every
message and every tool call, detects a wide class of multi-agent failures and
attacks, and can actively intervene — blocking, quarantining, rerouting, or
escalating to a human operator.

- **Full spawn-tree visibility** — every agent, every subagent, every tool
  call. Attribution down to the exact caller. No blind spots.
- **OWASP-mapped runtime coverage** — 10/10 OWASP MCP Top 10 categories,
  8/10+ OWASP Agentic AI Top 10. 41 mapped anomaly types. CVE references.
- **Active protection, not just alerting** — critical anomalies can be
  quarantined, rerouted, or escalated. Configurable per severity.
- **100% local by default** — agent traffic never leaves the box. No cloud
  round-trips. Audit logs store hashes, not raw content. GDPR-aligned.
- **Tamper-evident audit trail** — SHA-256 hash-chained, verifiable on demand.
- **Live dashboard** — real-time threat score, agent intelligence, anomaly
  stream, circuit-breaker grid (paid tier).
- **Drop-in integrations** — LangChain, CrewAI, LangGraph, AutoGen / ag2,
  Slack, Notion, Airtable, Webhook, File. Editors via MCP server (Claude Code,
  Cline, Cursor, Windsurf, Codex, Aider, Continue.dev, Kiro).

---

## Install

```bash
pip install insa-its[full]
```

`[full]` adds optional embeddings + graph + TUI dashboard extras. Either install variant exposes the MCP server.

### MCP server quick start (Claude Code / Cline / Cursor / etc.)

```json
{
  "mcpServers": {
    "insaits": {
      "command": "python",
      "args": ["-m", "insa_its.mcp.server"],
      "env": {
        "INSAITS_PROJECT": "<your project>",
        "INSAITS_MODEL": "claude-opus",
        "INSAITS_AUDIT_DIR": "~/.insaits/audit",
        "INSAITS_LICENSE_KEY": ""
      }
    }
  }
}
```

The four MCP tools exposed: `insaits_check` (quality gate), `insaits_preflight`
(ambiguity detection), `insaits_session_stats`, `insaits_alert`.

Smoke test: `python -m insa_its.mcp.server --demo`.

Full LLM-friendly install guide: [`llms-install.md`](../llms-install.md) at the monorepo root.

### Three-line Python integration

```python
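from insa_its import insAItsMonitor

# Placeholder value: in your stack this is the text one agent sends to another.
agent_response = "Order 1042 confirmed."

monitor = insAItsMonitor()
# Each monitored message is attributed to a sender, a receiver and the producing model.
result = monitor.send_message(
    text=agent_response,
    sender_id="OrderBot",
    receiver_id="InventoryBot",
    llm_id="gpt-4o",
)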
```

That's the whole public surface you need to start. The rest is configured via
the dashboard or `.insaits_config.json` — no code changes required.

---

## What you get (honest open-core split)

| Capability | `pip install insa-its` (Apache-2.0) | Paid tier (proprietary) |
|------------|:-----------------------------------:|:-----------------------:|
| Anomaly detectors | **21** | + **9 more** |
| Framework integrations | **9** | — |
| MCP server tools | **4** | — |
| Local audit log | ✅ | ✅ |
| Tamper-evident SHA-256 evidence chain | — | ✅ |
| Live HTTP dashboard (`http://localhost:5001`) | — | ✅ |
| Collector HTTP API (`http://localhost:5003`, **27** endpoints) | — | ✅ |
| RABE forensic export | — | ✅ |
| Inter-session dialog bus + session vault | — | ✅ |
| Threat-Readiness Score (TRS) | — | ✅ |
| OWASP MCP Top 10 coverage | 9/10 | 10/10 |

**30 detectors total. 9 integrations. 27-endpoint API. 2,500+ tests passing.**

---

## Coverage

OWASP MCP Top 10: **10/10** categories with primary detectors (MCP01–MCP10 — MCP07 via architectural daemon-token authentication). OWASP Agentic AI Top 10: **8/10+** confirmed (ASI01–03, ASI06–10). 41 mapped `anomaly_type → OWASP code` entries. 5 explicit CVE references. Single source of truth: `services/owasp_mappings.py` in the API monorepo.

---

## Pricing

14-day full-feature trial. No card required. Then:

| Tier | Monthly | Lifetime | Get |
|------|--------:|---------:|-----|
| **Starter** | **€10** | **€99** | [Buy €10/mo](https://buy.stripe.com/eVq7sLdsbgItgTqaaIb3q0a) · [Lifetime €99](https://buy.stripe.com/eVq4gzfAjcsd6eMfv2b3q09) |
| **Pro** | **€49** | **€299** | [Buy €49/mo](https://buy.stripe.com/bJefZhewffEpeLieqYb3q01) · [Lifetime €299](https://buy.stripe.com/3cI8wPfAjak5bz61Ecb3q04) |
| **Enterprise** | from €200 | custom | info@yuyai.pro |

Starter unlocks: full detection + reliability gates + session vault + dashboard.
Pro adds: advanced context engineering, inter-session dialog, RABE forensic export, Decipher engine, priority support.
Enterprise adds: SOC2-ready audit export, multi-seat, white-label, dedicated support.

```bash
export INSAITS_LICENSE_KEY="insaits_live_..."
```

### Passive mode

When the trial lapses and no key is set, detection still runs and anomalies
still surface. What unlocks with a paid key is **active intervention** — the
corrective signals the layer sends back to your agents. You always see
everything InsAIts catches.

---

## For AI agents (machine-readable surface)

- **MCP Registry manifest:** [`server.json`](../server.json) at the monorepo root (schema 2025-12-11). Namespace `io.github.Nomadu27/insaits`.
- **Agent manifest:** [`AGENT_MANIFEST.json`](../AGENT_MANIFEST.json) — version, pricing, capabilities, OWASP coverage, install command.
- **Collector OpenAPI 3.1:** [`docs/openapi-collector.yaml`](../docs/openapi-collector.yaml) — 27 endpoints with full schemas.
- **Per-framework integration docs:** [`docs/integrations.md`](../docs/integrations.md).
- **Canonical numbers:** [`FEATURE_INVENTORY.md`](../FEATURE_INVENTORY.md). Always cite this file before claiming a number elsewhere.

---

## Live dashboard (paid tier)

The web dashboard renders in real time on `http://localhost:5001`:

- Session threat score with stage label (safe → watch → alert → isolate)
- Live anomaly stream with severity colour coding
- Per-agent intelligence and trust scores
- Circuit-breaker grid for blocked agents
- OWASP alignment panel
- Tool-call inspector with full spawn-tree drill-down
- Token-usage panel with cost estimates

A companion terminal dashboard ships in the SDK extras:

```bash
pip install insa-its[dashboard]
insaits-tui
```

---

## Audit & compliance

- Hash-chained audit log — SHA-256 per entry, verifiable integrity.
- Prometheus metrics endpoint for existing monitoring stacks.
- RABE forensic export of rogue agent behaviour — timeline, intent, threat score.
- SOC2-ready evidence chain (Pro / Enterprise).
- 100% local processing. Audit logs store hashes, never raw content. API keys hashed before storage. GDPR-aligned by default.
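
How a SHA-256 hash-chained audit log that stores content hashes rather than raw text can be built and verified, as an added example that is not InsAIts code or its on-disk format; the field names, the all-zero genesis value and the sample anomaly label are assumptions.

```python
import hashlib
import json

GENESIS = "0" * 64  # assumed "previous hash" for the first entry


def entry_hash(body: dict) -> str:
    # Canonical JSON so the same fields always produce the same digest.
    canon = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(canon).hexdigest()


def append_entry(chain: list, sender: str, receiver: str, anomaly: str, text: str) -> dict:
    """Append one record; only the SHA-256 of the message text is kept."""
    body = {
        "seq": len(chain),
        "sender": sender,
        "receiver": receiver,
        "anomaly": anomaly,
        "content_sha256": hashlib.sha256(text.encode()).hexdigest(),
        "prev": chain[-1]["hash"] if chain else GENESIS,
    }
    entry = dict(body, hash=entry_hash(body))
    chain.append(entry)
    return entry


def verify_chain(chain: list) -> int:
    """Return -1 if the chain is intact, else the index of the first bad entry."""
    prev = GENESIS
    for i, entry in enumerate(chain):
        body = {k: v for k, v in entry.items() if k != "hash"}
        # Sequence gaps and broken back-links reveal deleted or reordered entries.
        if entry.get("seq") != i or entry.get("prev") != prev:
            return i
        # A digest mismatch reveals an entry edited in place.
        if entry_hash(body) != entry.get("hash"):
            return i
        prev = entry["hash"]
    return -1


def build_sample_chain() -> list:
    # Constructed sample traffic, not real InsAIts output.
    chain = []
    append_entry(chain, "OrderBot", "InventoryBot", "none", "reserve 3 units of SKU-1")
    append_entry(chain, "InventoryBot", "OrderBot", "fabricated_citation", "per doc X, ok")
    append_entry(chain, "OrderBot", "BillingBot", "none", "charge customer 42")
    return chain
```

A chain like this detects edits, deletions and reordering, but anyone who can rewrite the whole file can recompute every hash, so the latest head hash has to be anchored somewhere the log writer cannot modify.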

---

## Integrations

LangChain · CrewAI · LangGraph · AutoGen / ag2 · Slack · Notion · Airtable · Webhook · File. Editor-level (Claude Code, Cline, Cursor, Windsurf, Codex, Aider, Continue.dev, Kiro) via the MCP server.

Per-integration usage and code snippets: [`docs/integrations.md`](../docs/integrations.md) at the monorepo root.

---

## Architecture (high-level)

```
Your multi-agent system
        │
        ▼
┌─────────────────────────┐
│   InsAIts runtime layer │   ← detection, intervention, circuit-breakers
└─────────────────────────┘
        │
        ├── MCP server (stdio)               — open-core (in this wheel)
        ├── local audit log                  — open-core (in this wheel)
        ├── collector HTTP API (port 5003)   — paid tier (separate licensed download)
        ├── live dashboard (port 5001)       — paid tier
        └── tamper-evident evidence chain    — paid tier
```

The collector + dashboard files (`insaits_collector.py`, `insaits_web_dashboard.py`) live at the InsAIts.API monorepo root and are NOT shipped in the PyPI wheel. The console scripts `insaits-collector` / `insaits-dashboard` registered by `setup.py` look for those files at runtime — pip-only users see a friendly `FileNotFoundError` telling them to install the full package. This is by design.

---

## Who uses InsAIts

Three customer types matching three pricing tiers:

- **Solo developer** using Claude Code / Cline / Cursor → **Starter €10/mo**. *"Catch agent mistakes before they compound. Resume briefs after context compaction. `pip install insa-its`."*
- **Dev team** using multiple AI coding assistants → **Pro €49/mo**. *"Trace which tool call introduced a bug. Audit trails your team can review."*
- **Company deploying autonomous agents** in production (LangChain / CrewAI / LangGraph / AutoGen) → **Enterprise from €200/mo**. *"Detect and intervene in real time when an agent goes rogue. Zero cloud dependency."*

Future Type 4: companies whose AI **procurement agents** evaluate and buy SaaS autonomously — InsAIts is the guardian watching those buyer-agents.

---

## Measured results

Active intervention is only worth running if the corrective signals InsAIts
injects save more tokens than they cost. **Target: every 1 token injected saves
10–50 tokens** (by avoiding redundant re-reads, premature-done loops and
unverified-fact spirals). The dashboard surfaces the per-session ratio; the
evidence chain makes it auditable. If your ratio drops below 1, passive mode
ships with the product out of the box: it is honest about its own cost.

---

## Use cases by industry

| Industry | What InsAIts catches |
|----------|---------------------|
| **E-commerce** | Order bots losing context mid-transaction |
| **Customer service** | Agents developing incomprehensible shorthand |
| **Finance** | Analysis pipelines hallucinating metrics between agents |
| **Healthcare** | Multi-agent decisions where errors have consequences |
| **Research** | Fabricated citations, phantom papers |
| **Legal** | AI-generated documents with ungrounded references |
| **Security** | Red-team AI exercises, exfiltration attempts, compliance |
| **DevOps** | Claude Code / Copilot tool calls in CI/CD pipelines |

---

## What's new

Each release focuses on a specific reliability or cost axis. The most recent
work targeted token efficiency under long multi-agent runs, plus a Wave-3
audit pass on collector / dashboard / launcher reliability (16 fixes + 2
follow-ups, ~80 new tests). Full notes on the
[releases page](https://github.com/Nomadu27/InsAIts-public/releases).

---

## Documentation & support

- LLM-friendly install: [`llms-install.md`](../llms-install.md)
- Integrations: [`docs/integrations.md`](../docs/integrations.md)
- Collector OpenAPI: [`docs/openapi-collector.yaml`](../docs/openapi-collector.yaml)
- Live API reference: https://insaits-api.onrender.com/docs
- Privacy policy: [PRIVACY_POLICY.md](../PRIVACY_POLICY.md)
- Email: **info@yuyai.pro**
- Issues: [GitHub Issues](https://github.com/Nomadu27/InsAIts.API/issues)
- API status: https://insaits-api.onrender.com

---

## License

**Open-core model.**

- SDK (this wheel) — **Apache License 2.0**. Free to use, modify, redistribute.
- Proprietary components (collector + dashboard + 9 paid-tier detectors) — separate proprietary license, gated by license key, distributed via the licensed download.

---

<p align="center">
<strong>InsAIts — Runtime security monitor for AI agents.</strong><br>
<em>30 detectors · 9 integrations · 4 MCP tools · 27-endpoint collector API · OWASP MCP 10/10 + Agentic 8/10 · 2,500+ tests · 100% local · 14-day trial</em><br>
<strong>Starter €10/mo · Pro €49/mo · Lifetime from €99 · Enterprise custom</strong><br>
<strong>Contact: info@yuyai.pro</strong>
</p>
