{"id":46032554,"url":"https://github.com/antropos17/aegis","last_synced_at":"2026-03-08T23:13:25.851Z","repository":{"id":339103619,"uuid":"1160039722","full_name":"antropos17/Aegis","owner":"antropos17","description":"Independent AI Oversight Layer — monitors what AI agents do on your computer. Open-source, privacy-first, no telemetry.","archived":false,"fork":false,"pushed_at":"2026-02-25T04:50:34.000Z","size":3563,"stargazers_count":11,"open_issues_count":33,"forks_count":3,"subscribers_count":0,"default_branch":"master","last_synced_at":"2026-02-25T07:54:59.079Z","etag":null,"topics":["ai-agents","ai-security","cybersecurity","developer-tools","electron","monitoring","open-source","privacy"],"latest_commit_sha":null,"homepage":null,"language":"Svelte","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/antropos17.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-02-17T13:23:45.000Z","updated_at":"2026-02-25T04:50:37.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/antropos17/Aegis","commit_stats":null,"previous_names":["antropos17/aegis"],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/antropos17/Aegis","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/antropos17%2FAegis","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/antropos17%2FAegis/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/antropos17%2FAegis/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/antropos17%2FAegis/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/antropos17","download_url":"https://codeload.github.com/antropos17/Aegis/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/antropos17%2FAegis/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29960237,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-01T01:47:18.291Z","status":"online","status_checked_at":"2026-03-01T02:00:07.437Z","response_time":124,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ai-agents","ai-security","cybersecurity","developer-tools","electron","monitoring","open-source","privacy"],"created_at":"2026-03-01T04:10:37.780Z","updated_at":"2026-03-08T23:13:25.844Z","avatar_url":"https://github.com/antropos17.png","language":"Svelte","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cp align=\"center\"\u003e\n  \u003ch1 align=\"center\"\u003eAEGIS\u003c/h1\u003e\n  \u003cp align=\"center\"\u003e\u003cb\u003eEDR for AI Agents\u003c/b\u003e\u003c/p\u003e\n  \u003cp align=\"center\"\u003eWatches what AI agents do on your machine. Processes, files, network, risk scoring.\u003cbr\u003eNo telemetry. No cloud. Everything stays local.\u003c/p\u003e\n  \u003cp align=\"center\"\u003e\u003ci\u003eWith autonomous agents like OpenClaw (247K+ GitHub stars) gaining access to local files, credentials, and shell — somebody needs to watch.\u003c/i\u003e\u003c/p\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"https://github.com/antropos17/Aegis/releases/latest\"\u003e\u003cimg src=\"https://img.shields.io/github/v/release/antropos17/Aegis?include_prereleases\u0026style=flat-square\u0026label=Release\" alt=\"Release\"\u003e\u003c/a\u003e\n  \u003cimg src=\"https://img.shields.io/github/actions/workflow/status/antropos17/Aegis/ci.yml?style=flat-square\u0026label=CI\" alt=\"CI\"\u003e\n  \u003cimg src=\"https://img.shields.io/badge/Tests-593%20passing-brightgreen?style=flat-square\" alt=\"Tests\"\u003e\n  \u003cimg src=\"https://img.shields.io/badge/License-MIT-blue?style=flat-square\" alt=\"MIT License\"\u003e\n  \u003cimg src=\"https://img.shields.io/badge/Platform-Win%20%7C%20macOS%20%7C%20Linux-lightgrey?style=flat-square\" alt=\"Platform\"\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"https://github.com/antropos17/Aegis/releases/download/v0.3.0-alpha/demo-trimmed.gif\" alt=\"AEGIS Demo\" width=\"800\"\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"#download\"\u003eDownload\u003c/a\u003e \u0026middot;\n  \u003ca href=\"https://github.com/antropos17/Aegis/issues/new?template=01-bug-report.yml\"\u003eReport Bug\u003c/a\u003e \u0026middot;\n  \u003ca href=\"https://github.com/antropos17/Aegis/issues/new?template=02-feature-request.yml\"\u003eFeature Request\u003c/a\u003e \u0026middot;\n  \u003ca href=\"CONTRIBUTING.md\"\u003eContributing\u003c/a\u003e\n\u003c/p\u003e\n\n---\n\n## Why AEGIS?\n\nAI agents now have deep access to your machine — files, commands, network. Every existing AI security tool is enterprise SaaS that monitors what humans send *to* AI. Nobody monitors what AI agents do *on local machines*.\n\nCrowdStrike, Cisco, and Kaspersky have all flagged security risks in autonomous AI agents. Aegis is the open-source answer.\n\nAEGIS is an independent, open-source monitoring layer. It watches AI agent behavior in real time, doesn't belong to any AI vendor, and keeps all data local.\n\n## What It Monitors\n\n| Layer | How |\n|-------|-----|\n| **Processes** | 107 known AI agent signatures, parent-child tree resolution, IDE host detection |\n| **Files** | Watches `.ssh`, `.aws`, `.gnupg`, `.env*`, cloud configs, 27 AI agent config dirs |\n| **Network** | Outbound TCP per agent PID, reverse DNS, known API endpoints vs unknown |\n| **Behavior** | Rolling 10-session baselines, 4-axis anomaly scoring (Network/FS/Process/Baseline) |\n| **Local LLMs** | Ollama, LM Studio, vLLM, llama.cpp runtime detection |\n\n## How It Compares\n\n| | AEGIS | Lasso / Prompt Security / PromptArmor |\n|-|:-----:|:--------------------------------------:|\n| Runs locally | Yes | Cloud |\n| Open source | MIT | No |\n| Free | Yes | Enterprise |\n| Monitors file access | Yes | No |\n| Detects local LLMs | Yes | No |\n\n\u003e **AEGIS is the only open-source, local-first AI agent monitor.**\n\n## Download\n\n### From Source (all platforms)\n```bash\ngit clone https://github.com/antropos17/Aegis.git\ncd Aegis\nnpm install\nnpm start\n```\n\n\u003e Requires **Node.js 18+** and **npm 9+**. Windows 10/11 recommended. macOS/Linux experimental ([#37](https://github.com/antropos17/Aegis/issues/37)).\n\n### Try Without AI Agents\n\nDon't have AI agents running? Demo mode lets you explore the full dashboard with simulated data — no real monitoring, no real processes.\n\n```bash\nnpm run build:demo \u0026\u0026 npm start\n```\n\nDemo mode runs a scenario engine that cycles through four threat phases — **calm → elevated → critical → reset** — with up to 12 simulated AI agents (Claude Code, Copilot, Cursor, and more). File access events, network connections, anomaly scores, and risk assessments are all generated in real time so every tab and feature is fully functional.\n\nUse it to evaluate AEGIS before deploying, demo the UI to your team, or develop new features without needing a live Windows environment.\n\n### Windows Installer\n\nPre-built `.exe` installer is coming in a future release. Track progress in [Releases](https://github.com/antropos17/Aegis/releases).\n\n\u003c!-- TODO: uncomment when CI builds .exe\n[![Download](https://img.shields.io/badge/Download-Windows%20Installer-00ff88?style=for-the-badge\u0026logo=windows\u0026logoColor=white)](https://github.com/antropos17/Aegis/releases/latest)\n--\u003e\n\n### Release History\n\n| Version | Date | Highlights |\n|---------|------|------------|\n| [v0.8.2-alpha](https://github.com/antropos17/Aegis/releases/tag/aegis-v0.8.2-alpha) | 2026-03-08 | formatBytes TS extraction, meaningful tests, branch cleanup |\n| [v0.8.1-alpha](https://github.com/antropos17/Aegis/releases/tag/aegis-v0.8.1-alpha) | 2026-03-07 | Patch release |\n| [v0.8.0-alpha](https://github.com/antropos17/Aegis/releases/tag/aegis-v0.8.0-alpha) | 2026-03-05 | Launch readiness: CSP hardened, OpenClaw integration, README overhaul |\n| [v0.7.0-alpha](https://github.com/antropos17/Aegis/releases/tag/aegis-v0.7.0-alpha) | 2026-03-04 | YAML rulesets, 68 rules, hot-reload, 568 tests |\n| [v0.5.0-alpha](https://github.com/antropos17/Aegis/releases/tag/aegis-v0.5.0-alpha) | 2026-03-03 | Fancy UI redesign, VisTimeline, AgentGraph |\n| [v0.4.0-alpha](https://github.com/antropos17/Aegis/releases/tag/aegis-v0.4.0-alpha) | 2026-03-03 | TypeScript infrastructure, perf, refactoring |\n\n## Features\n\n**Detection** — 107 agent signatures, parent chain resolution, config dir protection, per-agent risk scoring with trust grades (A+ through F), HTTP/User-Agent scoring, local LLM detection, false positive marking\n\n**Analysis** — Behavioral baselines with rolling averages, multi-dimensional anomaly detection, AI threat assessment via Anthropic API (opt-in), printable HTML threat reports\n\n**Dashboard** — Bento grid dashboard — RiskRing gauge, Sparklines, TrustBadge, agent stats, activity feed with filters, session timeline, agent cards with expandable details, protection presets (Paranoid/Strict/Balanced/Developer), dark/light theme, toast notifications, OOM protection, keyboard shortcuts (Ctrl+1-4)\n\n**Export** — JSON, CSV, HTML reports, one-click ZIP archive, JSONL audit logging (daily rotation, 30-day retention)\n\n**i18n** — Internationalization with English base (110+ strings), community translations welcome\n\n**CLI** — `--scan-json` for scripting, `--version`, `--help`\n\n## YAML Rulesets\n\n- 68 detection rules across 8 categories (AI config, secrets, SSH, cloud, browser, devtools, crypto, certificates)\n- JSON Schema validated, hot-reload without restart\n- Extend or override via `rules/custom/` directory\n\n## Screenshots\n\n\u003cdetails\u003e\u003csummary\u003e📸 Shield — Real-time Overview\u003c/summary\u003e\n\u003cimg src=\"docs/screenshots/01-shield-tab.png\" alt=\"Shield tab\" width=\"800\" /\u003e\n\u003c/details\u003e\n\n\u003cdetails\u003e\u003csummary\u003e📸 Activity Feed\u003c/summary\u003e\n\u003cimg src=\"docs/screenshots/02-activity-tab.png\" alt=\"Activity Feed\" width=\"800\" /\u003e\n\u003c/details\u003e\n\n\u003cdetails\u003e\u003csummary\u003e📸 Rules \u0026 Permissions\u003c/summary\u003e\n\u003cimg src=\"docs/screenshots/03-rules-tab.png\" alt=\"Rules \u0026 Permissions\" width=\"800\" /\u003e\n\u003c/details\u003e\n\n\u003cdetails\u003e\u003csummary\u003e📸 Reports \u0026 Export\u003c/summary\u003e\n\u003cimg src=\"docs/screenshots/04-reports-tab.png\" alt=\"Reports \u0026 Export\" width=\"800\" /\u003e\n\u003c/details\u003e\n\n\u003cdetails\u003e\u003csummary\u003e📸 Agent Statistics\u003c/summary\u003e\n\u003cimg src=\"docs/screenshots/05-stats-tab.png\" alt=\"Agent Statistics\" width=\"800\" /\u003e\n\u003c/details\u003e\n\n\u003cdetails\u003e\u003csummary\u003e📸 Settings\u003c/summary\u003e\n\u003cimg src=\"docs/screenshots/06-settings.png\" alt=\"Settings\" width=\"800\" /\u003e\n\u003c/details\u003e\n\n## Architecture\n\n```\n┌─────────────┐    ┌─────────────┐    ┌─────────────┐    ┌─────────────┐\n│   Process    │    │    File     │    │   Network   │    │     LLM     │\n│   Scanner    │    │   Watcher   │    │   Monitor   │    │  Detector   │\n│  (tasklist)  │    │ (chokidar)  │    │ (NetTCP+DNS)│    │(Ollama/LMS) │\n└──────┬───────┘    └──────┬──────┘    └──────┬──────┘    └──────┬──────┘\n       │                   │                  │                  │\n       └───────────┬───────┴──────────┬───────┘                  │\n                   │                  │                           │\n            ┌──────▼──────┐    ┌──────▼──────┐                   │\n            │  Baseline   │    │   Anomaly   │◄──────────────────┘\n            │   Engine    │    │  Detector   │\n            │(10-session) │    │  (4-axis)   │\n            └──────┬──────┘    └──────┬──────┘\n                   │                  │\n            ┌──────▼──────┐    ┌──────▼──────┐    ┌─────────────┐\n            │    Risk     │    │   Audit     │    │     CLI     │\n            │   Engine    │    │   Logger    │    │ (--scan-json│\n            │(time-decay) │    │  (JSONL/30d)│    │  --version) │\n            └──────┬──────┘    └──────┬──────┘    └─────────────┘\n                   │                  │\n            ┌──────▼──────┐    ┌──────▼──────┐\n            │  Dashboard  │    │ ZIP Writer  │\n            │ (Svelte IPC)│    │ (export)    │\n            └─────────────┘    └─────────────┘\n```\n\n**Stack**: Electron 33, Svelte 5, Vite 7, TypeScript, Vitest (593 tests across 35 files)\n\n## Agent Database\n\n107 agents in [`src/shared/agent-database.json`](src/shared/agent-database.json):\n\n**Coding** — Claude Code, GitHub Copilot, Cursor, Windsurf, Tabnine, Amazon Q, Cody, Aider\n**Autonomous** — OpenClaw, Devin, Manus AI, OpenHands, SWE-Agent, AutoGPT, BabyAGI, CrewAI\n**Desktop** — Anthropic Computer Use, Google Gemini, Apple Intelligence, Microsoft Copilot\n**Frameworks** — LangChain, Semantic Kernel, AutoGen, MetaGPT, TaskWeaver\n**Local LLMs** — Ollama, LM Studio, vLLM, llama.cpp, LocalAI, GPT4All, Jan\n\nAdd custom agents via the UI or edit the JSON. See [AGENTS.md](AGENTS.md).\n\n## Roadmap\n\n- [ ] GPU monitoring for local inference detection\n- [ ] OS-level enforcement (Windows Minifilter, macOS Endpoint Security, Linux eBPF)\n- [ ] Per-process file attribution (ETW, fanotify)\n- [ ] Container/VM detection (Docker, WSL)\n- [ ] Browser extension for web-based AI agents\n- [ ] Auto-update mechanism\n- [x] i18n / localization ([#53](https://github.com/antropos17/Aegis/issues/53))\n\n## Contributors\n\n\u003ctable\u003e\n  \u003ctr\u003e\n    \u003ctd align=\"center\"\u003e\u003ca href=\"https://github.com/antropos17\"\u003e\u003cimg src=\"https://github.com/antropos17.png\" width=\"80px;\" alt=\"\"/\u003e\u003cbr/\u003e\u003csub\u003e\u003cb\u003eAntropos7\u003c/b\u003e\u003c/sub\u003e\u003c/a\u003e\u003c/td\u003e\n    \u003ctd align=\"center\"\u003e\u003ca href=\"https://github.com/ElshadHu\"\u003e\u003cimg src=\"https://github.com/ElshadHu.png\" width=\"80px;\" alt=\"\"/\u003e\u003cbr/\u003e\u003csub\u003e\u003cb\u003eElshad Humbatli\u003c/b\u003e\u003c/sub\u003e\u003c/a\u003e\u003c/td\u003e\n    \u003ctd align=\"center\"\u003e\u003ca href=\"https://github.com/skmelendez\"\u003e\u003cimg src=\"https://github.com/skmelendez.png\" width=\"80px;\" alt=\"\"/\u003e\u003cbr/\u003e\u003csub\u003e\u003cb\u003eSteven Melendez\u003c/b\u003e\u003c/sub\u003e\u003c/a\u003e\u003c/td\u003e\n    \u003ctd align=\"center\"\u003e\u003ca href=\"https://github.com/travisbreaks\"\u003e\u003cimg src=\"https://github.com/travisbreaks.png\" width=\"80px;\" alt=\"\"/\u003e\u003cbr/\u003e\u003csub\u003e\u003cb\u003etravisbreaks\u003c/b\u003e\u003c/sub\u003e\u003c/a\u003e\u003c/td\u003e\n    \u003ctd align=\"center\"\u003e\u003ca href=\"https://github.com/raye-deng\"\u003e\u003cimg src=\"https://github.com/raye-deng.png\" width=\"80px;\" alt=\"\"/\u003e\u003cbr/\u003e\u003csub\u003e\u003cb\u003eraye-deng\u003c/b\u003e\u003c/sub\u003e\u003c/a\u003e\u003c/td\u003e\n    \u003ctd align=\"center\"\u003e\u003ca href=\"https://github.com/KJyang-0114\"\u003e\u003cimg src=\"https://github.com/KJyang-0114.png\" width=\"80px;\" alt=\"\"/\u003e\u003cbr/\u003e\u003csub\u003e\u003cb\u003eKJyang-0114\u003c/b\u003e\u003c/sub\u003e\u003c/a\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n\u003c/table\u003e\n\n[CONTRIBUTING.md](CONTRIBUTING.md) \u0026middot; [SECURITY.md](SECURITY.md) \u0026middot; [CODE_OF_CONDUCT.md](CODE_OF_CONDUCT.md)\n\n## Support\n\nIf Aegis is useful to you, consider giving it a star on GitHub — it helps others discover the project.\n\n**Teams \u0026 Enterprise** — Need centralized dashboards, SIEM integration, or managed deployment? We're building it. [Get notified](mailto:aegis@antropos17.dev?subject=Aegis%20Enterprise%20Interest)\n\n## License\n\n[MIT](LICENSE)\n\n## Star History\n\n[![Star History Chart](https://api.star-history.com/image?repos=antropos17/Aegis\u0026type=timeline\u0026legend=top-left)](https://www.star-history.com/?repos=antropos17%2FAegis\u0026type=timeline\u0026legend=top-left)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fantropos17%2Faegis","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fantropos17%2Faegis","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fantropos17%2Faegis/lists"}