https://github.com/antropos17/aegis

Independent AI Oversight Layer — monitors what AI agents do on your computer. Open-source, privacy-first, no telemetry.
https://github.com/antropos17/aegis

ai-agents ai-security cybersecurity developer-tools electron monitoring open-source privacy

Last synced: 4 months ago
JSON representation

Independent AI Oversight Layer — monitors what AI agents do on your computer. Open-source, privacy-first, no telemetry.

• Host: GitHub
• URL: https://github.com/antropos17/aegis
• Owner: antropos17
• License: mit
• Created: 2026-02-17T13:23:45.000Z (4 months ago)
• Default Branch: master
• Last Pushed: 2026-02-25T04:50:34.000Z (4 months ago)
• Last Synced: 2026-02-25T07:54:59.079Z (4 months ago)
• Topics: ai-agents, ai-security, cybersecurity, developer-tools, electron, monitoring, open-source, privacy
• Language: Svelte
• Size: 3.4 MB
• Stars: 11
• Watchers: 0
• Forks: 3
• Open Issues: 33
• Metadata Files:
  • Readme: README.md
  • Contributing: CONTRIBUTING.md
  • License: LICENSE
  • Security: SECURITY.md

Awesome Lists containing this project

README

          


  
AEGIS

  
EDR for AI Agents

  
Watches what AI agents do on your machine. Processes, files, network, risk scoring.
No telemetry. No cloud. Everything stays local.

  
With autonomous agents like OpenClaw (247K+ GitHub stars) gaining access to local files, credentials, and shell — somebody needs to watch.




  

  

  

  

  





  





  Download ·

  Report Bug ·

  Feature Request ·

  Contributing



---

## Why AEGIS?

AI agents now have deep access to your machine — files, commands, network. Every existing AI security tool is enterprise SaaS that monitors what humans send *to* AI. Nobody monitors what AI agents do *on local machines*.

CrowdStrike, Cisco, and Kaspersky have all flagged security risks in autonomous AI agents. Aegis is the open-source answer.

AEGIS is an independent, open-source monitoring layer. It watches AI agent behavior in real time, doesn't belong to any AI vendor, and keeps all data local.

## What It Monitors

| Layer | How |

|-------|-----|

| **Processes** | 107 known AI agent signatures, parent-child tree resolution, IDE host detection |

| **Files** | Watches `.ssh`, `.aws`, `.gnupg`, `.env*`, cloud configs, 27 AI agent config dirs |

| **Network** | Outbound TCP per agent PID, reverse DNS, known API endpoints vs unknown |

| **Behavior** | Rolling 10-session baselines, 4-axis anomaly scoring (Network/FS/Process/Baseline) |

| **Local LLMs** | Ollama, LM Studio, vLLM, llama.cpp runtime detection |

## How It Compares

| | AEGIS | Lasso / Prompt Security / PromptArmor |

|-|:-----:|:--------------------------------------:|

| Runs locally | Yes | Cloud |

| Open source | MIT | No |

| Free | Yes | Enterprise |

| Monitors file access | Yes | No |

| Detects local LLMs | Yes | No |

> **AEGIS is the only open-source, local-first AI agent monitor.**

## Download

### From Source (all platforms)

```bash

git clone https://github.com/antropos17/Aegis.git

cd Aegis

npm install

npm start

```

> Requires **Node.js 18+** and **npm 9+**. Windows 10/11 recommended. macOS/Linux experimental ([#37](https://github.com/antropos17/Aegis/issues/37)).

### Try Without AI Agents

Don't have AI agents running? Demo mode lets you explore the full dashboard with simulated data — no real monitoring, no real processes.

```bash

npm run build:demo && npm start

```

Demo mode runs a scenario engine that cycles through four threat phases — **calm → elevated → critical → reset** — with up to 12 simulated AI agents (Claude Code, Copilot, Cursor, and more). File access events, network connections, anomaly scores, and risk assessments are all generated in real time so every tab and feature is fully functional.

Use it to evaluate AEGIS before deploying, demo the UI to your team, or develop new features without needing a live Windows environment.

### Windows Installer

Pre-built `.exe` installer is coming in a future release. Track progress in [Releases](https://github.com/antropos17/Aegis/releases).

### Release History

| Version | Date | Highlights |

|---------|------|------------|

| [v0.8.2-alpha](https://github.com/antropos17/Aegis/releases/tag/aegis-v0.8.2-alpha) | 2026-03-08 | formatBytes TS extraction, meaningful tests, branch cleanup |

| [v0.8.1-alpha](https://github.com/antropos17/Aegis/releases/tag/aegis-v0.8.1-alpha) | 2026-03-07 | Patch release |

| [v0.8.0-alpha](https://github.com/antropos17/Aegis/releases/tag/aegis-v0.8.0-alpha) | 2026-03-05 | Launch readiness: CSP hardened, OpenClaw integration, README overhaul |

| [v0.7.0-alpha](https://github.com/antropos17/Aegis/releases/tag/aegis-v0.7.0-alpha) | 2026-03-04 | YAML rulesets, 68 rules, hot-reload, 568 tests |

| [v0.5.0-alpha](https://github.com/antropos17/Aegis/releases/tag/aegis-v0.5.0-alpha) | 2026-03-03 | Fancy UI redesign, VisTimeline, AgentGraph |

| [v0.4.0-alpha](https://github.com/antropos17/Aegis/releases/tag/aegis-v0.4.0-alpha) | 2026-03-03 | TypeScript infrastructure, perf, refactoring |

## Features

**Detection** — 107 agent signatures, parent chain resolution, config dir protection, per-agent risk scoring with trust grades (A+ through F), HTTP/User-Agent scoring, local LLM detection, false positive marking

**Analysis** — Behavioral baselines with rolling averages, multi-dimensional anomaly detection, AI threat assessment via Anthropic API (opt-in), printable HTML threat reports

**Dashboard** — Bento grid dashboard — RiskRing gauge, Sparklines, TrustBadge, agent stats, activity feed with filters, session timeline, agent cards with expandable details, protection presets (Paranoid/Strict/Balanced/Developer), dark/light theme, toast notifications, OOM protection, keyboard shortcuts (Ctrl+1-4)

**Export** — JSON, CSV, HTML reports, one-click ZIP archive, JSONL audit logging (daily rotation, 30-day retention)

**i18n** — Internationalization with English base (110+ strings), community translations welcome

**CLI** — `--scan-json` for scripting, `--version`, `--help`

## YAML Rulesets

- 68 detection rules across 8 categories (AI config, secrets, SSH, cloud, browser, devtools, crypto, certificates)

- JSON Schema validated, hot-reload without restart

- Extend or override via `rules/custom/` directory

## Screenshots

📸 Shield — Real-time Overview



📸 Activity Feed



📸 Rules & Permissions



📸 Reports & Export



📸 Agent Statistics



📸 Settings



## Architecture

```

┌─────────────┐    ┌─────────────┐    ┌─────────────┐    ┌─────────────┐

│   Process    │    │    File     │    │   Network   │    │     LLM     │

│   Scanner    │    │   Watcher   │    │   Monitor   │    │  Detector   │

│  (tasklist)  │    │ (chokidar)  │    │ (NetTCP+DNS)│    │(Ollama/LMS) │

└──────┬───────┘    └──────┬──────┘    └──────┬──────┘    └──────┬──────┘

       │                   │                  │                  │

       └───────────┬───────┴──────────┬───────┘                  │

                   │                  │                           │

            ┌──────▼──────┐    ┌──────▼──────┐                   │

            │  Baseline   │    │   Anomaly   │◄──────────────────┘

            │   Engine    │    │  Detector   │

            │(10-session) │    │  (4-axis)   │

            └──────┬──────┘    └──────┬──────┘

                   │                  │

            ┌──────▼──────┐    ┌──────▼──────┐    ┌─────────────┐

            │    Risk     │    │   Audit     │    │     CLI     │

            │   Engine    │    │   Logger    │    │ (--scan-json│

            │(time-decay) │    │  (JSONL/30d)│    │  --version) │

            └──────┬──────┘    └──────┬──────┘    └─────────────┘

                   │                  │

            ┌──────▼──────┐    ┌──────▼──────┐

            │  Dashboard  │    │ ZIP Writer  │

            │ (Svelte IPC)│    │ (export)    │

            └─────────────┘    └─────────────┘

```

**Stack**: Electron 33, Svelte 5, Vite 7, TypeScript, Vitest (593 tests across 35 files)

## Agent Database

107 agents in [`src/shared/agent-database.json`](src/shared/agent-database.json):

**Coding** — Claude Code, GitHub Copilot, Cursor, Windsurf, Tabnine, Amazon Q, Cody, Aider

**Autonomous** — OpenClaw, Devin, Manus AI, OpenHands, SWE-Agent, AutoGPT, BabyAGI, CrewAI

**Desktop** — Anthropic Computer Use, Google Gemini, Apple Intelligence, Microsoft Copilot

**Frameworks** — LangChain, Semantic Kernel, AutoGen, MetaGPT, TaskWeaver

**Local LLMs** — Ollama, LM Studio, vLLM, llama.cpp, LocalAI, GPT4All, Jan

Add custom agents via the UI or edit the JSON. See [AGENTS.md](AGENTS.md).

## Roadmap

- [ ] GPU monitoring for local inference detection

- [ ] OS-level enforcement (Windows Minifilter, macOS Endpoint Security, Linux eBPF)

- [ ] Per-process file attribution (ETW, fanotify)

- [ ] Container/VM detection (Docker, WSL)

- [ ] Browser extension for web-based AI agents

- [ ] Auto-update mechanism

- [x] i18n / localization ([#53](https://github.com/antropos17/Aegis/issues/53))

## Contributors

  

    
Antropos7

    
Elshad Humbatli

    
Steven Melendez

    
travisbreaks

    
raye-deng

    
KJyang-0114

  

[CONTRIBUTING.md](CONTRIBUTING.md) · [SECURITY.md](SECURITY.md) · [CODE_OF_CONDUCT.md](CODE_OF_CONDUCT.md)

## Support

If Aegis is useful to you, consider giving it a star on GitHub — it helps others discover the project.

**Teams & Enterprise** — Need centralized dashboards, SIEM integration, or managed deployment? We're building it. [Get notified](mailto:aegis@antropos17.dev?subject=Aegis%20Enterprise%20Interest)

## License

[MIT](LICENSE)

## Star History

[![Star History Chart](https://api.star-history.com/image?repos=antropos17/Aegis&type=timeline&legend=top-left)](https://www.star-history.com/?repos=antropos17%2FAegis&type=timeline&legend=top-left)