Release v0.25.0 — Shadow AI Detection for Repositories · Siddhant-K-code/agent-trace

Shadow AI Detection for Repositories

agent-strace audit-tools scans a git repository for AI tool usage signatures — no network calls, no API keys required.

agent-strace audit-tools
agent-strace audit-tools --repo . --since "90 days ago" --approved cursor,copilot

Detected tools: Claude Code, Cursor, GitHub Copilot, Codex/ChatGPT, Windsurf, Aider — identified via file signals (.cursorrules, CLAUDE.md, .github/copilot-instructions.md, etc.) and commit message patterns.

What it flags:

Unapproved tools against a configurable --approved list
Unknown LLM API endpoints found in .env git history
PII patterns in recently committed files

Useful for security audits and compliance reviews where you need to know which AI tools have touched a codebase.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

v0.25.0 — Shadow AI Detection for Repositories

Choose a tag to compare

Sorry, something went wrong.

Sorry, something went wrong.

Uh oh!

No results found

Shadow AI Detection for Repositories

Uh oh!