Open Source · Apache 2.0

Every action your AI agents take.
Logged. Classified. Audit-ready.

Open-source compliance monitoring for AI agents.
From Claude Code to Cowork — auto PII detection, risk scoring,
and GDPR / AI Act / SOC 2 mapping. Self-host or use our cloud.

```bash
pip install agentic-audit
```

```python
from agentaudit import AgentAudit

audit = AgentAudit(api_key="aa_live_xxxxx")

event = audit.log(
    agent_id="booking-agent-v2",
    action="access_customer_record",
    data={"customer_email": "[email protected]", "fields": ["email", "phone"]},
    reasoning="Customer requested booking modification",
)

print(event.risk_level)   # → "medium"
print(event.pii_detected) # → True
print(event.frameworks)   # → {"gdpr": ["art_30"], "ai_act": ["art_14"]}
```

```bash
curl -X POST https://api.agentaudit.dev/v1/events \
  -H "Authorization: Bearer aa_live_xxxxx" \
  -H "Content-Type: application/json" \
  -d '{
    "agent_id": "booking-agent-v2",
    "action": "access_customer_record",
    "data": {"customer_email": "[email protected]"},
    "reasoning": "Customer requested booking modification"
  }'

# → {"risk_level": "medium", "pii_detected": true, "frameworks": {"gdpr": ["art_30"]}}
```

`.claude/settings.json` (every action logged automatically):

```json
{
  "hooks": {
    "PreToolUse": [
      {
        "matcher": "",
        "hooks": [{
          "type": "command",
          "command": "agentaudit-hook pre"
        }]
      }
    ],
    "PostToolUse": [
      {
        "matcher": "",
        "hooks": [{
          "type": "command",
          "command": "agentaudit-hook post"
        }]
      }
    ]
  }
}
```

Zero tokens. Zero code changes. Every action captured.

Your agents are powerful.
But who's watching them?

AI agents are accessing customer data, running shell commands, querying production databases, and browsing confidential documents — right now, inside your infrastructure.

Anthropic's own audit tools don't capture Cowork activity. LangSmith tracks tokens, not actions. Zenity costs six figures and takes six months.

AgenticAudit fills the gap. Open source. Self-hostable. Audit-ready in 15 minutes.

GDPR AI Act SOC 2

Three layers of intelligence.
Zero manual work.

Step 1

Capture

Hooks fire on every action — the agent can't skip it. File reads, shell commands, API calls, connector access. All captured.

Step 2

Classify

Auto PII detection — emails, IPs, API keys, credit cards. Risk scoring from low to critical. No configuration needed.

Step 3

Map

GDPR Art. 30, AI Act Art. 14, SOC 2 CC6.1 — mapped automatically. Your compliance officer gets reports, not spreadsheets.

What your security team sees.

AgenticAudit Dashboard
Policy: Full

Events: 1,247
High Risk: 23
PII Detected: 89
Frameworks Mapped: 3

| Time | Agent | Action | Risk | PII | Framework |
|---|---|---|---|---|---|
| 14:02:03 | claude-code | shell_command: `psql -h prod-db SELECT email FROM users` | ⚠ HIGH | | Art. 30 |
| 14:03:44 | cowork | connector_access: `google_drive:read "Employee Comp Analysis.xlsx"` | ⚠ HIGH | | Art. 15 |
| 14:05:12 | claude-code | file_read: `.env.production` | ● CRIT | | Art. 30 |
| 14:05:30 | claude-code | shell_command: `npm test` | ○ LOW | | |
| 14:06:01 | cowork | connector_access: `web_search: "market analysis Q1 2026"` | ○ LOW | | |

Built for the two biggest
AI agent platforms.

🔧

Claude Code

"Deterministic hooks. Enterprise-enforceable."

Every file read, shell command, and code edit — logged automatically. Admins push config centrally. Developers can't opt out. One JSON config. Zero token overhead.

Compatibility: 10/10
📋

Cowork

"Native OTLP integration for knowledge workers."

Every connector access, file operation, and web browse — audited via OpenTelemetry. Google Drive, Salesforce, DocuSign, Gmail — all captured. Point Cowork's OTLP endpoint to AgenticAudit. Zero setup for users.

Compatibility: 10/10
Also works with: LangChain, CrewAI, Codex (coming), Cursor, Any REST API

Everything you need.
Nothing you don't.

Auto PII Detection

PII? Caught.

Emails, IPs, API keys, credit cards, connection strings — flagged automatically. No configuration needed.

[email protected] EMAIL detected
Risk Scoring

Every action scored.

Rules-based engine: low, medium, high, critical. Based on action type, data sensitivity, and environment.

LOW MED HIGH CRIT
Policy System

Set the rules once.

Four levels: minimal (GDPR-only), standard, full, paranoid (real-time blocking). Changes propagate instantly.

minimal standard ✓ full paranoid
Framework Mapping

Compliance on autopilot.

GDPR Art. 13/15/17/22/30, AI Act Art. 9/13/14, SOC 2 CC6.1/CC6.5/CC7.2 — mapped automatically to every event.

GDPR AI Act SOC 2
Immutable Audit Trail

Tamper-evident by design.

Append-only event store. Events can never be modified or deleted via API. Built for auditor trust.

🔒
Open Source

Apache 2.0. No gotchas.

Self-host it. Inspect every line. Your audit data never leaves your infrastructure unless you want it to.

Apache 2.0

How much do you care?
You decide.

Minimal

"Just keep us GDPR compliant."

Only logs events where PII is detected. Everything else is ignored. Lightweight, low noise.

Best for: Small startups, early teams

Standard (Default)

"Log anything sensitive."

All data access and security-sensitive operations. Routine actions skipped. Good signal-to-noise ratio.

Best for: Most companies

Full

"Log everything."

Complete timeline of every action every agent takes. Nothing skipped. Full audit trail.

Best for: Active audits, regulated industries

Paranoid

"Log everything. Block the dangerous stuff."

Real-time blocking via hooks. High-risk actions stopped before execution. Maximum protection.

Best for: Fintech, healthcare, government
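
An added sketch, not AgenticAudit's own engine or code from this page, of the classify-then-decide flow described under Auto PII Detection, Risk Scoring and the four policy levels. The regexes, score weights, policy thresholds and the `detail` and `env` event fields are assumptions chosen for illustration.

```python
import ipaddress
import re

# Assumed detectors and rules for illustration; not AgenticAudit's own engine.
CONN = re.compile(r"\b\w+://[^\s:/@]+:[^\s@]+@[^\s/]+")
PATTERNS = {
    "email": re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+"),
    "ip": re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b"),
    "credit_card": re.compile(r"\b\d(?:[ -]?\d){12,18}\b"),
    "api_key": re.compile(r"\b[a-z]{2,}_(?:live|test)_\w{5,}\b"),  # shape of the page's sample key
}
SECRETS = {"credit_card", "api_key", "connection_string"}
LEVELS = ["low", "medium", "high", "critical"]

def luhn_ok(number):
    digits = [int(c) for c in number if c.isdigit()][::-1]
    total = sum(d if i % 2 == 0 else (d * 2 - 9 if d > 4 else d * 2)
                for i, d in enumerate(digits))
    return total % 10 == 0

def valid_ip(text):
    try:
        ipaddress.ip_address(text)
        return True
    except ValueError:
        return False

CHECKS = {"ip": valid_ip, "credit_card": luhn_ok}  # cut regex false positives

def detect_pii(text):
    found = {"connection_string"} if CONN.search(text) else set()
    text = CONN.sub(" ", text)  # mask so user:pass@host is not also read as an email
    for kind, rx in PATTERNS.items():
        check = CHECKS.get(kind, lambda m: True)
        if any(check(m) for m in rx.findall(text)):
            found.add(kind)
    return found

def evaluate(event, policy="standard"):
    pii = detect_pii(event["detail"])
    score = 3 if pii & SECRETS else 2 if pii else 0   # data sensitivity
    score += event["action"] == "shell_command"       # action type
    score += event.get("env") == "production"         # environment
    rank = min(max(score - 1, 0), 3)
    logged = {"minimal": bool(pii), "standard": bool(pii) or rank >= 1}.get(policy, True)
    blocked = policy == "paranoid" and rank >= 2      # only paranoid stops high-risk actions
    return {"pii": pii, "risk": LEVELS[rank], "logged": logged, "blocked": blocked}
```

Validating matches (Luhn for card numbers, `ipaddress` for IPs) and masking connection strings before the email pass keeps order numbers, version strings and `user:pass@host` URLs from inflating the PII count.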

Start free. Self-host forever.
Or let us run it.

Open Source (Community)
Free forever · Apache 2.0
  • Full ingest API
  • Python SDK + Hook CLI
  • Cowork OTLP receiver
  • Auto PII detection
  • Risk scoring + framework mapping
  • Dashboard
  • All 4 policy levels
  • Claude Code + Cowork integrations
  • Docker Compose deployment
  • Unlimited events (self-hosted)
Cloud
Managed hosting + extras

| | Free | Pro | Team |
|---|---|---|---|
| Price | $0/mo | $49/mo | $199/mo |
| Events | 10K/mo | 100K/mo | 1M/mo |
| Retention | 30 days | 1 year | 2 years |

Auto reports
Per-team policies
RBAC / SSO
SLA: 99.9%

Enterprise: Custom (Contact Us)

The open-source version is the full product, not a demo. Cloud adds managed hosting, retention, reports, and enterprise features.

Works with what you already use.

| Agent | Support | Method | Enterprise Enforceable |
|---|---|---|---|
| Claude Code | ✅ Full (10/10) | Deterministic hooks | ✅ Policy settings |
| Cowork | ✅ Full (10/10) | Native OTLP | ✅ Org settings |
| LangChain | ✅ Full | Callback handler | |
| CrewAI | ✅ Full | Event hook | |
| Codex | 🟡 Partial (4/10) | Transcript parsing | ❌ Not yet |
| Cursor | 🟡 Partial (5/10) | Hooks + MCP | ❌ Unclear |
| Any agent | ✅ Full | REST API / Python SDK | |

We're honest about what works. Claude Code and Cowork have 10/10 integration. Others are catching up.

Your agents are already running.
Start watching them.

pip install agentic-audit