{"slug": "panoptes-ai-audit-and-alignment-layer", "title": "Panoptes – AI audit and alignment layer", "summary": "Panoptes, an AI audit and alignment layer, launches to provide universal observability, audit trails, and policy enforcement for AI coding agents like Claude Code, OpenAI Codex, Google Antigravity, and Hermes Agent. The tool captures every agent action into a single queryable database and can block dangerous operations before execution, addressing the lack of transparency in agent activity across production infrastructure.", "body_md": "**Universal agent observability, audit trail, and policy enforcement.**\n\nWorks with Claude Code, OpenAI Codex, Google Antigravity, and Hermes Agent.\n\nPanoptes watches your AI agents and tells you what they actually did. Recording every tool call, every file read, every shell command, every decision. It captures agent activity across multiple agent frameworks into a single, queryable audit trail, and can also **block dangerous actions before they execute** via configurable policies.\n\nNamed after [Panoptes](https://en.wikipedia.org/wiki/Argus_Panoptes), the all-seeing giant of Greek mythology with a hundred eyes, because your agents need a watcher that never blinks.\n\nCompanies are deploying AI coding agents (Claude Code, Codex, Hermes, Antigravity, Cursor) at scale. These agents have access to filesystems, shells, APIs, and production infrastructure. But nobody can answer basic questions like:\n\n- \"What did the agent actually do yesterday?\"\n- \"Did it access production credentials?\"\n- \"Which files did it read and modify?\"\n- \"How many shell commands did it run?\"\n\nEach agent stores its own format — Claude Code JSONL, Codex session files, Hermes hooks, Antigravity nothing. Panoptes normalizes everything into a single, queryable database with a universal schema, a CLI, and a policy engine that can **block** dangerous operations before they happen.\n\n```\npip install panoptes\n# Option 1: Start the proxy and route any agent through it\npanoptes proxy --port 8081 &\nHTTP_PROXY=http://localhost:8081 claude-code\n\n# Option 2: Hermes plugin (auto-captures every session)\npython -m panoptes.install_hermes_plugin\n# Overview\npanoptes status\n\n# Find tool calls\npanoptes query --agent hermes --event-type tool_call\n\n# See a full session timeline\npanoptes session <session-id>\n\n# Reconstruct the evidence chain for any event\npanoptes evidence <event-id>\n# List active policies\npanoptes policy list\n\n# Add a policy\npanoptes policy add no-prod-access.yaml\n\n# Check policies against recent events\npanoptes policy check\nQuery & Compliance  ←  CLI (query, status, session, evidence, policy)\n Normalization       ←  schema.py (universal event schema, validation, redaction)\n Storage             ←  db.py (SQLite, thread-safe WAL, 7 indices)\n Capture Adapters    ←  proxy.py (MITM HTTP proxy) + hermes_plugin.py (Hermes hooks)\n```\n\n| Adapter | How it works | Coverage |\n|---|---|---|\nProxy |\nMITM HTTP proxy intercepting LLM API traffic | Any agent that hits an LLM API over HTTP |\nHermes Plugin |\nNative Hermes hooks (`agent:step` , `agent:end` ) |\nHermes Agent — deepest integration |\n\nEvery event, from every agent, normalized to one format:\n\n```\n{\n  \"event_id\": \"uuid\",\n  \"timestamp\": \"2026-07-04T14:30:00Z\",\n  \"agent\": {\"type\": \"claude_code\", \"session_id\": \"abc123\"},\n  \"event_type\": \"tool_call\",\n  \"action\": {\n    \"tool_name\": \"terminal\",\n    \"parameters\": {\"command\": \"kubectl apply -f deploy.yaml\"},\n    \"target\": \"kubectl apply -f deploy.yaml\",\n    \"data_accessed\": [\"prod_deploy\"]\n  },\n  \"outcome\": {\"status\": \"success\", \"summary\": \"deployment applied\"},\n  \"context\": {\"turn_number\": 12, \"user_message\": \"deploy to prod\"},\n  \"cost\": {\"tokens_in\": 800, \"tokens_out\": 150}\n}\n```\n\nPolicies are YAML files in `~/.panoptes/policies/`\n\n. Example:\n\n```\nname: \"no-prod-access\"\ndescription: \"Block tool calls that access production configs\"\nenabled: true\nscope:\n  agents: [\"hermes\", \"claude_code\", \"codex\"]\nrule:\n  event_type: \"tool_call\"\n  conditions:\n    - field: \"action.data_accessed\"\n      operator: \"contains\"\n      value: \"prod\"\n    - field: \"action.tool_name\"\n      operator: \"in\"\n      value: [\"terminal\", \"write_file\", \"browser_navigate\"]\n  logic: \"AND\"\naction: block\nmessage: \"Production access blocked. Request approval first.\"\n```\n\n**8 condition operators:** `==`\n\n, `!=`\n\n, `contains`\n\n, `in`\n\n, `matches`\n\n(regex), `gt`\n\n, `lt`\n\n, `gte`\n\n, `lte`\n\n**Logic:** AND / OR\n\n**Scoping:** filter by agent type, session ID, event type\n\n**Rate limiting:** per-session counters (in-memory for v1)\n\n**Actions:** allow, warn, block\n\n| Agent | Capture Method | Depth |\n|---|---|---|\nClaude Code |\nProxy (HTTP interception) | Full API traffic |\nOpenAI Codex |\nProxy (HTTP interception) | Full API traffic |\nGoogle Antigravity |\nProxy (HTTP interception) | Full API traffic |\nHermes Agent |\nNative plugin (hooks) | Every tool call, turn, and decision |\nGemini CLI |\nProxy | Full API traffic |\nCursor CLI |\nProxy | Full API traffic |\nAny HTTP-based agent |\nProxy | Full API traffic |\n\n```\npanoptes proxy          Start the MITM audit proxy\npanoptes status         Show event statistics\npanoptes query          Query events (filter by agent, type, tool, time)\npanoptes session <id>   Full session timeline\npanoptes evidence <id>  Decision chain for an event\npanoptes policy list    List loaded policies\npanoptes policy add     Add a policy file\npanoptes policy check   Scan events for violations\npanoptes policy test    Test a policy against a JSON event\n# From PyPI (coming soon)\npip install panoptes\n\n# From source\ngit clone https://github.com/miggy-code/Panoptes.git\ncd Panoptes\npip install -e .\n```\n\nRequires Python 3.10+. Zero external dependencies beyond `httpx`\n\nand `pyyaml`\n\n.\n\nPanoptes is in active development. Core infrastructure is built and tested:\n\n| Phase | Status |\n|---|---|\n| Proxy capture (HTTP MITM) | ✅ Complete |\n| Hermes plugin (native hooks) | ✅ Complete |\n| Storage engine (SQLite) | ✅ Complete |\n| CLI (9 commands) | ✅ Complete |\n| Policy engine (YAML rules) | ✅ Complete |\n| Dashboard (web UI) | ⏳ Planned |\n\n**40/40 tests pass.**\n\nApache 2.0 — see [LICENSE](/miggy-code/Panoptes/blob/main/LICENSE).\n\nPanoptes is an open-source contribution to the AI agent infrastructure layer. PRs welcome.\n\nAreas where help is especially valuable:\n\n- Additional agent adapters (OTel receiver, MCP tracing)\n- Dashboard / web UI\n- Postgres storage backend\n- Policy packs for compliance frameworks (SOC 2, EU AI Act)\n\n[claude-code-trace](https://github.com/delexw/claude-code-trace)— Claude Code session viewer[claude-tap](https://github.com/liaohch3/claude-tap)— Universal agent proxy[Langfuse](https://langfuse.com)— Open-source LLM tracing[Arize Phoenix](https://github.com/Arize-AI/phoenix)— Open-source observability", "url": "https://wpnews.pro/news/panoptes-ai-audit-and-alignment-layer", "canonical_source": "https://github.com/miggy-code/Panoptes", "published_at": "2026-07-07 02:56:32+00:00", "updated_at": "2026-07-07 03:29:37.843852+00:00", "lang": "en", "topics": ["ai-safety", "ai-agents", "ai-tools", "ai-infrastructure", "ai-policy"], "entities": ["Panoptes", "Claude Code", "OpenAI Codex", "Google Antigravity", "Hermes Agent", "Cursor"], "alternates": {"html": "https://wpnews.pro/news/panoptes-ai-audit-and-alignment-layer", "markdown": "https://wpnews.pro/news/panoptes-ai-audit-and-alignment-layer.md", "text": "https://wpnews.pro/news/panoptes-ai-audit-and-alignment-layer.txt", "jsonld": "https://wpnews.pro/news/panoptes-ai-audit-and-alignment-layer.jsonld"}}