I got tired of not knowing what my AI coding agent was actually doing — so I built a runtime transparency layer into it
Today it instruments CyxCode’s process and filesystem wrappers, records shell/file/network-style events with session
and prompt context, scores risky activity, writes local JSONL audit logs, and exposes dashboard/report APIs.
Destructive shell commands are blocked before spawn, and sensitive writes/risky actions are classified for policy
decisions.
None of the major coding CLIs have this. Not Claude Code, not Cursor, not Windsurf, not Aider. They're all trust-and-hope.
CyxCode is open source fork from opencode and the repo is live. If this is a problem you've thought about too, I'd really appreciate a star — it helps signal that runtime AI transparency is worth building properly.
u/YoungCJ12 — 1 day ago